Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
Is that really a Windows update you are about to click on? Or ransomware in disguise? As first documented by Fortinet FortiGuard Labs and followed up by Trend Micro, new ransomware is currently on the rise and disguising itself as fake Windows updates and Word installers as part of a malvertising campaign. Also, multiple variants of this ransomware have been discovered.
Here's what we know so far and what you can do to protect yourself.
Just a reminder for something that we all need to know
Just a reminder for something that we all need to know
If MS with all their control over their OS can't make sure that it only trusts valid updates from the mothership what can we mere mortals do?
This is why I don't trust them, or Amazon, or anyone else to keep my backups. My archives and backups are on media I control, offline and several copies of various ages so that if a problem is introduced and I don't catch it right away I will (probably) have an older copy that I can at least restore a resonable baseline from
If MS with all their control over their OS can't make sure that it only trusts valid updates from the mothership what can we mere mortals do?
This is why I don't trust them, or Amazon, or anyone else to keep my backups. My archives and backups are on media I control, offline and several copies of various ages so that if a problem is introduced and I don't catch it right away I will (probably) have an older copy that I can at least restore a resonable baseline from
Stop opening executables from random stuff.
Big Head just pops up a window that looks like a windows update screen when you launch the executable. It does that because encrypting your hard drive takes a lot of time. Since you've been trained to patiently sit there while windows updates do their thing, you patient sit there while the screen that says it's a windows update that opened up after you launched the ransomware app encrypts your drive.
What a lame, vague report!
There was ZERO info on how the infection originated.
No details on what this so-called Windows Update screen even looked like but if you willy-nilly download programs or click on links or open email attachments what the malware disguises itself is of no real importance.
No details on how people got the malware in the first place (source)? Lousy article that really doesn't do much other than to scare people.
If you are seeing the "fake" Windows update screen, it is already (kinda) too late.
You cannot blame MS if some malware pretends to be a message from Microsoft about whatever.
Users are always the weakest link and their own gullible or idiotic computing habits should not be grounds to blame another.
What a lame, vague report!
There was ZERO info on how the infection originated.
No details on what this so-called Windows Update screen even looked like but if you willy-nilly download programs or click on links or open email attachments what the malware disguises itself is of no real importance.
No details on how people got the malware in the first place (source)? Lousy article that really doesn't do much other than to scare people.
If you are seeing the "fake" Windows update screen, it is already (kinda) too late.
You cannot blame MS if some malware pretends to be a message from Microsoft about whatever.
Users are always the weakest link and their own gullible or idiotic computing habits should not be grounds to blame another.
Simple as that.
Sounds like I misunderstood something along the way. I thought the issue was that my winbox would accept updates from suspicious sources. I only install updates that my system (thru the update process) accepts as valid. I will admit that when my shutdown button has the little dot and says something to the affect of 'Windows needs to update and reboot' I accept it as valid.
Sounds like I misunderstood something along the way. I thought the issue was that my winbox would accept updates from suspicious sources. I only install updates that my system (thru the update process) accepts as valid. I will admit that when my shutdown button has the little dot and says something to the affect of 'Windows needs to update and reboot' I accept it as valid.
Yeah, the title kinda made it sound like the vulnerability was within Windows (windows Update process to be exact) but I am certain the users on those systems in question clicked on the wrong link or opened a malicious email attachment or downloaded a rogue app or known app but from a shady site where they injected a malware in the package, etc.
So, the real problem is not a known, typical Windows process vulnerability, it is simply the good old user made a Boo-Boo issue.
What makes me mad is unhelpful, confusing and vague articles like this that ultimately provides no usable, practical info to anyone.
Here is my point to confirm my above statement: What have you learned that could actually help you take any specific action to be safer, more secure for this threat?
Agree Turco. I am sure it's like the FBI warning phish. Something pops up and takes over the whole screen "CRITICAL WINDOWS UPDATE! MICROSOFT RECOMMENDS CLICKING HERE...."
Agree Turco. I am sure it's like the FBI warning phish. Something pops up and takes over the whole screen "CRITICAL WINDOWS UPDATE! MICROSOFT RECOMMENDS CLICKING HERE...."
Yup. I tell people all the time, if you got important and/or irreplaceable data on your computer and you clicked on the wrong thing and can ascertain that you just opened the malware gates of hell, the worst thing to do is nothing.
Best thing to do is to pull the power cord immediately as soon as you can.
Kill the power in order to hopefully stop or, at least, minimize the ongoing damage.
Then simply call a pro to work on it.
Don't simply restart the computer to scan or go into safe mode or whatever. You are not a pro and you don't know what you got hit with so, don't take any chances, period.
Along the same lines, I ask the following to average home users:
Would you rather spend couple a hundred on an external backup solution to periodically backup your important data
-or-
Would you rather take a chance to see if the data from your dead drive might be even recovered at a starting cost of $500?
The way I look at it, if you were smart enough not to have a GS membership, you'd be able to tell it was fake but if you had the membership then you were already phished way before the email!
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.
Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
Lousy article that really doesn't do much other than to scare people. 
