Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Fantom ransomware impersonates Windows update
#1
[Image: ioIAfMcl.png]

Quote:Windows 10 has been notorious about automatically installing updates on users’ machines and now there is a ransomware that aims to capitalize on it. The new ransomware, Fantom, is based on the EDA2 open-source ransomware project on GitHub called hidden tear that’s recently been abandoned.
Fantom behind the scenes
In an attempt to conceal malicious intention, the authors of this ransomware modified the file properties to show copyright and legal trademarks mimicking a Windows update.
Once this dropper is executed, the payload “WindowsUpdate.exe” is dropped in AppData\Local\Temp displaying the fake Windows Update screen as shown below. This screen locks you out of doing anything else on your computer, keeping in line with the scam that Windows 10 doing its normal interrupt of updates.
The percentage counter does work and will go up at about a percent per minute. However, it’s fake and doesn’t represent anything other than to communicate to you that this “Windows update” will take a while and that you shouldn’t be alarmed of CPU usage and hard drive activity. You can close this fake update overlay by ending the process “WindowsUpdate.exe” using task manager, but the encryption of your files is unaffected.

https://www.webroot.com/blog/2016/08/29/...34610517=1
Reply
#2
Thanks, another reason no 10 Smile
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Lazarus hackers use Windows Update to deploy malware Mohammad.Poorya 0 848 01-28-2022 , 05:33 AM
Last Post: Mohammad.Poorya
  Ryuk ransomware now self-spreads to other Windows LAN devices mrtrout 0 814 02-26-2021 , 09:40 PM
Last Post: mrtrout
  Microsoft removed the defer feature update setting in Windows 10 tarekma7 0 1,429 07-01-2020 , 08:20 PM
Last Post: tarekma7
  Alert Windows 10 users:Latest March update will stop your PC from accessing internet sidemoon 2 1,848 03-28-2020 , 03:55 PM
Last Post: sidemoon
  Critical Windows Update Spam Fails at Delivering Ransomware tarekma7 0 1,386 11-20-2019 , 07:34 PM
Last Post: tarekma7

Forum Jump:


Users browsing this thread: 1 Guest(s)