Alert High Priority|Fake Windows 10 update
Alert High Priority | Fake Windows 10 update
Alert issued by the Australian Government August 4 2015
Ransomware disguised as an installer of the new Microsoft Windows 10 operating system is encrypting Australian user and business computers.
The ransomware resides in an email that claims to be from Microsoft which offers a free upgrade to Windows 10. The email contains a zip file attachment, which contains a program labelled as the Windows 10 installer. However, if you run this program, it will encrypt any important files, including word documents and photos on your computer.
If you receive an email offering a free upgrade to Windows 10, we advise that you delete the email and do not open it or any attachments.
Windows users interested in upgrading their computer can register via Microsoft’s official website. Windows 10 updates will then be facilitated by a program on your computer, not via an email offer.
Security researchers at Cisco have provided detailed technical information on the attack on their blog, and a video showing the consequences of running the ransomware program. Please note this video was recorded in a very carefully controlled environment, created and operated by security experts. We advise that you do not run the ransomware program in any circumstance.
Business users should check upgrades with their IT departments, and not attempt to perform such activities themselves.
Businesses are also advised to be vigilant in protecting their existing computer systems and in ensuring that their critical data is backed up in case an attack does occur. Encrypted data could then be recovered from backup copies.
Stay Smart Online has provided alerts about a number of ransomware attacks in the past, including the Cryptowall 3.0 attack in June 2015.
The current Windows 10 attack does not use exploits, and relies instead on the user being deceived into running the malware.
While there have been reports that files are recovered if the ransom is paid, this does not protect your computer against further attacks. This makes is possible for the attacker to simply encrypt your files again. For this reason, we do not recommend that you pay the ransom, and instead seek immediate technical advice.
Further information can be found HERE
Alert High Priority|Fake Windows 10 update