Watch Out: That Windows 10 Update Might Be Ransomware

PC users still looking to upgrade their computers to Windows 10 are being warned to thoroughly check any new alerts they receive following reports criminals are disguising malware as Microsoft updates.

Researchers from security firm Bitdefender Labs have found that cybercriminals are spreading the CTB Locker ransomware via fake emails purporting to come from Microsoft and offering users Windows 10 installation kits.

If installed, the ransomware encrypts files on the targeted PC and demands that two Bitcoins, worth roughly £360 ($600), be paid within 96 hours in order to restore them (pictured below).

Tips on how to set privacy settings in Windows 10

Scam

“This software release creates the perfect context for cybercriminals and they’re fully taking advantage of it,” states Bogdan Botezatu, senior e-threat analyst at Bitdefender. “Millions of people are expected to upgrade to Windows 10, so we might witness a substantial number of PC users falling victim to such scams.”

The ransomware does need to be downloaded and executed by the user in order to deploy, but the criminals have apparently made a significant effort to make their initial emails appear genuine.

Users receiving the ransomware see a seemingly genuine update@microsoft.com email address as the sender of the email, which also has a subject line of ‘Windows 10 Free Update’.

So far, Bitdefender Labs has detected the malicious emails were sent over the course of three days from spam servers located in a variety of countries including France, Russia, the US, Thailand, Ukraine, India, Kazakhstan and Taiwan.

Since its official release last week, Windows 10 has proved a huge success amongst consumers, with the free upgrade being installed on 14 million devices in the first two days of public availability.

What do you know about Windows 10? Try our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

View Comments

  • Hopefully antiviruses can detect that kind of threat, but I think the most effective way of preventing this is to use a cloud desktop with automatic daily backup features like V2 Cloud (https://v2cloud.com) where you can roll back to a previous state of your whole computer anytime, so if something like this happen today you can revert your system back just like it was yesterday and get your files back

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago