Is this really a Windows Update you are about to click? Or disguised ransomware? As first documented by Fortinet FortiGuard Labs and tracked by Trend Micro, a new ransomware strain is on the rise, disguising itself as fake Windows updates and Word installers as part of a malicious advertising campaign. Several variants of this ransomware have also been discovered.
Here’s what we know so far and what you can do to protect yourself.
What does this new ransomware do?
The ransomware, called Big Head, infects devices and encrypts device files by showing a fake Windows update alert on the victim’s computer. Three encrypted executables are deployed in the attack – one to spread the malware, one to facilitate communications via Telegram, and one to encrypt the files and display the fake Windows update.
If a person clicks on this fake Windows update alert, Big Head starts its attack by deleting backups, checking whether it is running in a virtualized environment, disabling the computer’s Task Manager to prevent the user from deleting the ransomware, and more.
Variants of Big Head ransomware have also been discovered that are capable of stealing web browser history, directory listings, running processes, product keys, and network information. Most of the samples of this ransomware were submitted from the United States, France, Turkey and Spain.
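For readers who manage more than one computer, here is an added example (not from the original article, Fortinet or Trend Micro) of flagging two of the behaviors described above, backup deletion and disabling Task Manager, in process-creation logs. The log format, host names and command patterns are assumptions chosen for illustration; the article does not say which commands Big Head actually runs.

```python
import re
from collections import defaultdict

# Behaviours named in the article, mapped to Windows command lines commonly
# associated with them. These patterns are assumptions for illustration only.
RULES = {
    "backup_deletion": re.compile(
        r"vssadmin(\.exe)?\s+delete\s+shadows"
        r"|wmic(\.exe)?\s+shadowcopy\s+delete"
        r"|wbadmin(\.exe)?\s+delete\s+(catalog|systemstatebackup)",
        re.IGNORECASE),
    "task_manager_disabled": re.compile(
        r"reg(\.exe)?\s+add\s+.*\\policies\\system.*disabletaskmgr.*\s/d\s+1\b",
        re.IGNORECASE),
}

# Constructed sample events: timestamp|host|process command line.
SAMPLE_LOG = r'''
2023-07-10T09:14:02Z|PC-01|C:\Windows\System32\vssadmin.exe delete shadows /all /quiet
2023-07-10T09:14:05Z|PC-01|reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableTaskMgr /t REG_DWORD /d 1 /f
2023-07-10T09:20:41Z|PC-02|vssadmin list shadows
2023-07-10T09:31:17Z|PC-03|wbadmin delete catalog -quiet
2023-07-10T09:40:00Z|PC-02|reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableTaskMgr /t REG_DWORD /d 0 /f
'''

def scan(log_text):
    """Return {host: set of behaviour names} for every matching event."""
    hits = defaultdict(set)
    for line in log_text.strip().splitlines():
        parts = line.split("|", 2)
        if len(parts) != 3:
            continue  # skip malformed lines
        _timestamp, host, cmdline = parts
        for name, pattern in RULES.items():
            if pattern.search(cmdline):
                hits[host].add(name)
    return dict(hits)

def triage(hits):
    """Hosts showing every behaviour are 'high'; a partial match is 'review'."""
    return {host: ("high" if len(names) == len(RULES) else "review")
            for host, names in hits.items()}

if __name__ == "__main__":
    for host, level in sorted(triage(scan(SAMPLE_LOG)).items()):
        print(host, level)
```

A host that shows both behaviors close together deserves immediate attention; a single match, such as an administrator cleaning up old backups, only needs a closer look.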
What can I do to protect myself from this ransomware?
Ransomware criminals will try to make you pay money to get your files back. However, paying the ransom does not guarantee that you will regain access to everything a criminal takes from you, and it will only enable them to do more.
Your best bet is to prevent an attacker from accessing your files so you don’t have to fight to get them back. Here are some of my tips to prevent your files from being stolen during a ransomware attack.
Avoid suspicious emails
If you receive an email from an address you don’t recognize, don’t open it. If you open it by mistake, avoid clicking on links or opening attachments in the email. This is a classic method that cybercriminals use to try to trick you into thinking the message is from someone important.
Have good antivirus software
It is possible to prevent hackers from accessing your devices if you have good antivirus software installed. Having antivirus software on your devices will prevent you from clicking on potentially malicious links that could install malware or ransomware on your devices, giving hackers access to your personal information. Plus, it’s designed to tell you when there’s already malware on your device so you can get rid of it right away.
See my expert opinion on the best virus protection for your Windows, Mac, Android and iOS devices by visiting Cyberguy.com/LockUpYourTech
Back up your files to an external hard drive
I strongly advise you to create backups of your information on an external hard drive and store them in a safe place. This process involves regularly making backup copies and then disconnecting the external drive from your computer for added security. You should store the disconnected drive somewhere secure, such as a fireproof safe. By keeping the drive unplugged when not in use, you greatly minimize the risk of unauthorized access to your data by hackers.
To learn more about the great devices you can use to back up your important files, visit Cyberguy.com/BackUpDevices
Use a cloud service
The advantage of cloud storage is its flexibility. If you ever need extra storage space, you can get it right away (although there is a price). However, there is a major downside to consider: you cannot be sure who has access to your stored data. Just so you know, the term “cloud” is more of a metaphorical concept. Your data resides on servers owned by someone else, making it potentially vulnerable to hackers, snoopers, and other unscrupulous individuals.
To learn more about the best cloud services you can use to back up your important files, visit Cyberguy.com/BackupDevices
Keep software up to date
Regularly update your operating system, anti-virus software, web browsers, and other applications to ensure you have the latest security patches and protections.
Kurt’s main takeaways
Attacks like these are scary, especially when the attacker disguises himself as a legitimate company like Microsoft. This is why you should be extremely careful before clicking on any links or opening any attachments that are sent to you out of the blue. Be sure to follow my advice and don’t be so quick to judge everything you see right away.
Why do you think the United States was a major target of this ransomware? What more should the authorities do to stop it? Let us know by writing to us at Cyberguy.com/Contact
For more of my security alerts, subscribe to my free CyberGuy Report newsletter by going to Cyberguy.com/Newsletter
Copyright 2023 CyberGuy.com. All rights reserved.