Watch Out: That Windows 10 Update Might Be Ransomware

Bitdefender study reveals criminals are sending out Windows 10 upgrade emails to disguise CTB Locker ransomware

PC users still looking to upgrade their computers to Windows 10 are being warned to thoroughly check any new alerts they receive following reports criminals are disguising malware as Microsoft updates.

Researchers from security firm Bitdefender Labs have found that cybercriminals are spreading the CTB Locker ransomware via fake emails purporting to come from Microsoft and offering users Windows 10 installation kits.

If installed, the ransomware encrypts files on the targeted PC and demands that two Bitcoins, worth roughly £360 ($600), be paid within 96 hours in order to restore them (pictured below).

Tips on how to set privacy settings in Windows 10


windows 10 upgrade ransomware“This software release creates the perfect context for cybercriminals and they’re fully taking advantage of it,” states Bogdan Botezatu, senior e-threat analyst at Bitdefender. “Millions of people are expected to upgrade to Windows 10, so we might witness a substantial number of PC users falling victim to such scams.”

The ransomware does need to be downloaded and executed by the user in order to deploy, but the criminals have apparently made a significant effort to make their initial emails appear genuine.

Users receiving the ransomware see a seemingly genuine email address as the sender of the email, which also has a subject line of ‘Windows 10 Free Update’.

So far, Bitdefender Labs has detected the malicious emails were sent over the course of three days from spam servers located in a variety of countries including France, Russia, the US, Thailand, Ukraine, India, Kazakhstan and Taiwan.

Since its official release last week, Windows 10 has proved a huge success amongst consumers, with the free upgrade being installed on 14 million devices in the first two days of public availability.

What do you know about Windows 10? Try our quiz!