Windows updates are usually something that you don’t get via email. If you get an email claiming to be from Microsoft about a Windows update, don’t open it.

Security researchers from Trustwave’s SpiderLabs have discovered a new malicious campaign that spoofs urgent update emails from Microsoft to infect user’s systems with the Cyborg ransomware.

That said, the ransomware gives itself away by being propagated via email. The bogus email will either come with the subject line of “Install Latest Microsoft Windows Update Now!” or “Critical Microsoft Windows Update!” to tempt you into opening it. It also only contains a simple line that reads “Please install the latest critical update from Microsoft attached to this email”.

Another sign that something is not quite what it seems is that the attachment comes with a .jpg extension. In essence, it pretends to be an image file when it is, in fact, an executable. When you do click on it, the ransomware encrypts all of your files and gives them its own unique .777 extension. It then leaves a ransom note on your desktop and creates a copy of itself at the root of the infected drive.

As it turns out, a builder for this Cyborg ransomware exists online. The researchers also found a GitHub account with the name Cyborg-Ransomware with the ransomware builder.

All in all, the usual online safety rules still apply. You’ll be safe as long as you don’t open suspicious emails, and especially whatever is attached to them. This is especially when they ask you to run or install something that isn’t supposed to become through emails anyway.

As human beings, we will make the same mistakes even if the info is widespread, best to have a precaution before it happens for your workplace. We have a complete solution for future prevention, DDS+ Diskless System. Any harm done to client PC will be restored to the initial clean state after rebooting the client PC so worry no more about any malicious software and virus attack. If you have any questions regarding our solution, contact us for more info.