Your files are encrypted with a “Windows 10 Upgrade”

From Botnets.fr

Botnet: CTB-Locker
Date: 2015 / 2015-07-31
Editor/Conference: CISCO
Link: http://blogs.cisco.com/security/talos/ctb-locker-win10 (Archive copy)
Author: TALOS
Type: Blogpost

Abstract

Adversaries are always trying to take advantage of current events to lure users into executing their malicious payload. These campaigns are usually focussed around social events and are seen on a constant basis. Today, Talos discovered a spam campaign that was taking advantage of a different type of current event.

Microsoft released Windows 10 earlier this week (July 29) and it will be available as a free upgrade to users who are currently using Windows 7 or Windows 8. This threat actor is impersonating Microsoft in an attempt to exploit their user base for monetary gain. The fact that users have to virtually wait in line to receive this update makes them even more likely to fall victim to this campaign.

Bibtex

 @misc{2015BFR2221,
   editor = {CISCO},
   author = {TALOS},
   title = {Your files are encrypted with a “Windows 10 Upgrade”},
   date = {31},
   month = Jul,
   year = {2015},
   howpublished = {\url{http://blogs.cisco.com/security/talos/ctb-locker-win10}},
 }