Phishing hoax following the Windows 10 feature pack roll out

Patch Tuesday

Hackers using trending events to manipulate end-users into falling for cyberattacks is nothing new. So when Windows rolled-out its Vanadium 1909 feature pack update, it was only a matter of time before this was leveraged by cybercriminals to launch phishing attacks.

Currently, a spam campaign is out seeking victims. The phishing emails come with subject lines like “Install Latest Microsoft Windows Update now!” or “Critical Microsoft Windows Update!” In case you didn’t already know, Microsoft will never push updates through emails.

These phishing emails will also ask you to install the latest Windows update by clicking on a fake JPEG attachment that is not actually an image file, but an executable developed by hackers to install Cyborg ransomware in your machines.

What can Cyborg do to your machines?

  • This .NET-compiled ransomware encrypts all the files in an infected machine once activated.
  • It appends filenames with invalid “.777” file extensions.
  • It then leaves a text file open including a ransom note.
  • Finally, it leaves a copy of itself named “bot.exe” in the infected drive.

It’s also reported that the ransomware builder is an executable file hosted on Github. Once someone gets hold of the Cyborg Builder Ransomware V 1.0.exe, it can be used to create multiple malware variants, and new phishing campaigns can be launched all over again. Moreover, this ransomware can be carefully crafted to avoid identification. With a huge number of email-based attacks happening in the cyberspace and the accessibility of a ransomware builder on a development platform like Github, organizations need to up their cybersecurity strategies to address this critical issue.

Keeping attacks like these at bay

ManageEngine’s Patch Manager Plus provides you timely updates and notifications so that you need not worry about phishing emails sending fake update notifications. With ManageEngine Patch Manager Plus, you can automate patch deployment and be confident that the network you’re managing is up to date, so you can sit back and relax. Try the Patch Manager Plus free trial.

Also, did you know that Patch Manager Plus can help you upgrade your Windows 10 1909 feature pack? Read more about the feature pack.

** Optrics Inc. is an Authorized ManageEngine partner


The original article can be found here:

https://blogs.manageengine.com/desktop-mobile/patch-manager-plus/2019/11/29/phishing-hoax-following-the-windows-10-feature-pack-roll-out.html

Leave a Reply