Ransomware protection by windows Defender

Windows always tell their customers to update windows on a regular basis. In the past, we have seen that the Outdated Windows system has faced Ransomware attack, which locks all the data of the user. This happens because systems are not updated to the latest build. This attack has been seen on systems running Windows XP especially.

Now, Windows user is being attacked by another Ransomware called “Cyborg”. This ransomware has been detected by researchers at SpiderLab.

How this is Spread

Users are getting an email from a random person with the subject “Critical Windows Update”, having content as “Please Install this latest Critical Windows Update from Microsoft.”

The attachment in the Email has an extension of .jpg (around 28kB). Later it gets converted into an executable file. This executable file is a malicious .NET downloader that will deliver another malware to the infected system.

Later, everything is done you will get to know that Cyborg Ransomware is being installed on your System, and it will start to encrypt your data on the drives as soon as it is installed.

Also Read: Pegasus Spyware Attack on WhatsApp

You will see your file names are being appended with the extension (.777). Also, you will get a note demanding $500 worth bitcoin form the attacker.

Fun Thing :

The bitcoigenerator.exe which is responsible for spreading this ransomware was openly available for anyone. “The attached executable file further downloads another executable called bitcoingenerator.exe from a now-defunct GitHub account named misterbtc2020”, Fossbyte states. The same statement is from SpiderLabs as well.

How to be safe

To be safe from this is simple, just don’t download any attachment from suspicious Email. Microsoft provides the inbuilt option for downloading updates being pushed to the users. Download updates only from Windows or Microsoft Website. Also, keep your Windows up to date.

Image Source