Microsoft’s Windows 10 can easily qualify as the hottest thing in the tech right now and as a matter of fact, it is already being targeted by hackers. Cisco security researchers have been warning users against opening the e-mail attachments which reportedly appear as if sent by Microsoft.
Malwares are nothing new for Windows users but this one boasts of some unique characteristics and it also holds your data for ransom, literally! The malware encrypts files till a ransom is paid and is spreading its reach, thanks to a well disguised email spam campaign.
The e-mail says that its attachment consists of an installer which will let users get their hands on new operating system faster. The frenzied rush for updating to Windows 10 makes the users more gullible for such attacks. After users open the attachment and install it, the actual malware opens and starts automatically encrypting the data after locking out the users.
The most interesting bit of this attack is that unlike other malware, this one asks for money upfront and uses a bitcoin account for payment making the attackers virtually invincible. The fact that they will be hooked up to TOR or any other anonymity network will add an additional layer to their identity.
Cisco researcher Nick Biasini said in a blog post that “The attackers are impersonating Microsoft in an attempt to exploit their user base for monetary gain.” He further warned that the malware payload CTB-Locker is being deployed at a “high rate”
Biasini further explained the Modus Operandi “The functionality is standard however, using asymmetric encryption that allows adversaries to encrypt the user’s file without having the decryption key reside on the infected system”
Crypto-locking malware also referred to as Ransomware have been the latest rage and according to FBI they have nearly received 1500 cases so far costing the users a loss of $18-Million.
The situation is akin to having lost the key to the room you are locked in and the only way you can get out is by paying a ransom and getting the key. That being said, the chances are that the attacker might still refuse to handover the decryption key even after paying the ransom. We would advise Windows user to keep calm and make sure they dont download and open attachments from unknown sources and remember Windows 10 is for everyone so its just a matter of time.