Rome – The enthusiasm expressed by users with regard to the upgrade to Windows 10 is a wonderful opportunity for scammers of ransomware: acting on behalf of Microsoft, are disseminating email inviting you to download what is called “Windows 10 Free Upgrade”.
To signal the start of the campaign are malevolent security researchers Cisco: the email that began circulating, together with Annex to 734 kb called Win10Intaller .zip , is from your update@microsoft.com , evidently the result of spoofing and IP address associated with a Thai. Try to be characterized with the white and blue brand features Redmond propaganda and the quality of Windows 10: only elements to betray the fraudulent origin of the message, not the character encoding standards, excessive zeal with which the message ensures its authenticity and the fact that the contact e-mail is provided for upgrade mechanism deployed by Redmond.
The compressed file, which claims to be the installer, conveys the ransomware classified as CTB-Locker for through a system of elliptic curve cryptography, inaccessibility of user files providing only 96 hours to pay the ransom by Bitcoin, and demanding a response from the victim by Tor, with all the accompanying instructions. The researchers detected malware in an unusual tendency to exchange traffic with the user’s machine, perhaps to grab information about any useful content to break down the defenses of the user and make him give in to extortion.
Cisco recommends users monitor, to provide backup copies of your files to be kept safe, offline, “the bad guys are always trying to take advantage of current events to get users to install their payload,” remind researchers, and an event in context and great resonance as an upgrade to Windows 10 could not be an exception.Gaia Bottà
No comments:
Post a Comment