Fake Windows 10 ‘Update’ Is Actually Just Filled With Ransomware


It’s no secret that Microsoft’s Windows 10 updates have been controversial as of late. They’ve been filled with patches fixing previous updates’ bugs only to create more issues. Now, there’s a whole new problem altogether: Fake ransomware-filled updates.


Researchers over at Trustwave’s SpiderLabs have warned Windows 10 owners of a new email scam designed to trick users frustrated with broken updates into downloading a fake update. That update, of course, is filled with ransomware.

How to spot fake Windows 10 updates

SpiderLabs explains the infected emails often come with the subject line “Install Latest Microsoft Windows Update now!” or “Critical Microsoft Windows Update!”, with the body simply including one line to the effect of “Please install the latest critical update from Microsoft attached to this email.”

There will likely be an attachment that looks like a .jpg file, but SpiderLabs explains it’s actually an .exe file, which will launch the file that then installs the malware. The file is about 28KB, according to the researchers.

“The Cyborg Ransomware can be created and spread by anyone who gets hold of the builder,” SpiderLabs’ blog said. “It can be spammed using other themes and be attached in different forms to evade email gateways. Attackers can craft this ransomware to use a known ransomware file extension to mislead the infected user from the identity of this ransomware.”

How do I not get infected?

As with all dodgy emails asking you to install something, the best thing to do is to delete them, and to make sure your password is strong if you suspect it’s been compromised. Telltale signs of an email with malicious intent include misspellings, poor grammar and incorrect branding.

While it’s not advisable to even open such an email, if you do check the sender’s address, it’s also likely to be a dead giveaway. Official emails from Microsoft, or even Netflix as in another recent scam, are not likely to use Gmail or include incorrect domains like “Microsoft.org”. Keep an eye out for these and remember to report anything to Scamwatch so they can monitor the situation.


[Via SpiderLabs]


    • The word ‘update’ was in quotation marks and the nature of the threat was explained in the opening paragraph. (Which readers can see before they click.)

      With that said, I’ve added “fake” to the headline to clear up any confusion.

  • Ok, so it is a bit clickbaity like a few “articles” on Lifehacker but in the main, LH is still one of my top go-to sites for tech news etc. Now their related site Gizmodo is a whole different ballgame. What used to be a great site has now banned all reader comments and has become a soapbox for the writers to voice their own political opinions with hardly any tech news. It is now just a safe space for the people who like to live in that bubble.
    Whilst LH also has that particular leaning, it hasn’t been completely taken over but it will come. Why TF can we not just have a site that gives us what we want like tech news without the blubbering social commentary and personal vendettas?

  • This is where I bow out of adding valuable comments, or at least I thought they were. Life Hacker has now demonstrated they are nothing but a gossip board and should in no way be used in real life.

    I will find a more creditable read such as Whirlpool Forums.

    Just remember it is BS headings, and 1/2 arsed editorials in Australian media that prevent its citizens from being well informed during elections. I point my finger directly at our media for the poor parliament, and effectively rendering elections garbage.
