Microsoft's offer of free upgrades to the new Windows 10 operating system (OS) is being exploited by hackers who are sending malicious emails offering bogus downloads for the software. Security researchers warn that spam with dangerous attachments is sent to look like a legitimate version of Microsoft's newly released product.
The attachments include a CTB-Locker "ransomware" program. When the email recipient opens the attachment, the program locks up the computer's data by encrypting items such as documents and media files, and then demands payment before it will release the CPU.
Cisco Systems' researchers stated that the emails look like a system upgrade notice from Microsoft Corp. However, many words are sprinkled with random letters and punctuation, according to CBS Detroit.
The sender address also mimics a genuine Microsoft address, reading as update@microsoft.com, according to The Register. However, the IP address is actually from Thailand.
A phony Microsoft disclaimer is even included in the email. It claims that the attached files have been scanned and are virus-free.
Another red flag exists. Microsoft shared that it notifies Windows owners of downloadable software updates on screens rather than through email, so netizens should never click on unsolicited emails.
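The red flags described above can be combined into a simple mail-triage check. The following is an added example, not code from Cisco, Microsoft or the original article. The message, the header values, the flag names and the 10% threshold are all constructed for illustration, and a missing DMARC pass in the `Authentication-Results` header stands in for the origin-IP observation.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample, not the real spam. Authentication-Results is assumed to
# have been stamped by the recipient's own mail server (mx.example.org).
SAMPLE = """\
From: Microsoft <update@microsoft.com>
To: user@example.org
Subject: Windows 10 Free Upgrade
Authentication-Results: mx.example.org; spf=fail; dmarc=fail
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Yo;ur co:mputer is elig&ible for a fr#ee upg)rade.
This message has been scanned for viruses and dangerous content.
--b1
Content-Type: application/zip
Content-Disposition: attachment; filename="upgrade.zip"

UEsDBA==
--b1--
"""

def red_flags(raw):
    """Return the article's warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    flags, body = [], ""
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    auth = msg.get("Authentication-Results", "").lower()
    # Claims microsoft.com, but the receiving server recorded no DMARC pass.
    if domain == "microsoft.com" and "dmarc=pass" not in auth:
        flags.append("unauthenticated-microsoft-sender")
    for part in msg.walk():
        if part.get_filename():
            if "attachment" not in flags:
                flags.append("attachment")
        elif part.get_content_type() == "text/plain":
            body += part.get_payload()
    # Disclaimer asserting that the attachment is safe.
    if re.search(r"scanned for viruses|virus-free", body, re.I):
        flags.append("self-declared-clean")
    # Words with stray punctuation between letters, e.g. "upg)rade".
    words = body.split()
    garbled = [w for w in words if re.search(r"[A-Za-z][^\w\s'.,-][A-Za-z]", w)]
    if words and len(garbled) / len(words) > 0.1:  # threshold is an assumption
        flags.append("garbled-text")
    return flags
```

Any single flag is weak on its own; a message that raises several of them is a candidate for quarantine rather than delivery.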
Cisco told The Register that creating a fix for the ransomware will be hard as nails due to its solid encryption. It is also unique in several ways. It gives victims a short four days to pay, provides instructions for responding via a certain protocol, and curiously promises a no-charge decryption of five files.
Cisco manager Craig Williams has also noted that the malware was quite "chatty." It transmits large volumes of data to servers, which could imply it is conducting data mining on the victims' files, according to The Register.
Anti-malware software is being upgraded to battle CTB-Locker. However, when scam victims pay the hackers who kidnap their digital data, the funds help to cover the paychecks of the malware development team. That will in turn result in more advanced ransomware.
CryptoLocker was one of the Web's first ransomware programs. It was discovered during the autumn of 2013, when hackers first demanded that victims pay them $300 within a certain timeframe in order to get their files and content back.