Spam Mails Sent to Exploit Free Windows 10 Upgrade

In San Francisco, it seems that phones, computers and automatic internet connections are not the only things rolling out with Windows 10. Hackers appear to be going with the flow as well. Security researchers have recently found that hackers are sending bogus spam emails that contain malicious attachments. According to an IBN Live report, the attachments are disguised as legitimate copies of the new operating system.

The emails contain ransomware called CTB-Locker, the report said. Upon opening the attachment, the program locks the contents of the affected computer. It then demands payment from the user in exchange for retrieving the files. Once the user has inadvertently launched the ransomware, he is given 96 hours to pay. The malicious program comes with a note warning users of infected devices not to attempt to get rid of the ransomware by themselves.

"I suspect this one is going to be an absolute bastard to deal with because they use good asymmetric encryption," security outreach manager of Cisco's Talos team, Craig Williams, said in The Register.

The email and attachment mimic the Redmond company's messages to users who avail themselves of the free upgrade. The messages are copied almost word for word from Microsoft's original release, with typographical errors giving them away as fakes. Microsoft, however, does not email users the upgrade. It can be obtained by following the instructions given at upgrade.microsoft.com.

The ransomware also comes with a Microsoft disclaimer in the message, which almost goes unnoticed because of the similar layout, font and color when placed alongside the original.

Williams pointed out that the program has many quirks, saying the 96 hours given to respond is shorter than that of other similar malicious attachments. In addition, it gives instructions for the decryption charges. It also sends large amounts of data, prompting Williams to tag it as "unusually chatty." This may be a ploy to dig through the user's computer for anything that may be useful.

According to The Register, Cisco has already developed a countermeasure for the malware. Any amount of money that goes directly to CTB-Locker because of the malware will contribute to the circulation and further development of the malicious program.

Microsoft has not yet released a statement regarding the spam campaign. The company launched Windows 10 last week, on July 29.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.
