. New Ransomware Acts Like Windows Update - MajorGeeks

MajorGeeks.com - We know you're out there, and we're coming to get you.

All In One Tweaks

Antivirus & Malware

Drives (SSD, HDD, USB)

Graphics & Photos

MajorGeeks Windows Tweaks

Office & Productivity

· How To and Tutorials
· Life Hacks and Reviews
· Way Off Base
· MajorGeeks Deals
· News
· Off Base
· Reviews

· YouTube
· Facebook
· Instagram
· Twitter
· Pintrest
· RSS/XML Feeds

· News Blur
· Yahoo
· Symbaloo

· Top Freeware Picks
· Malware Removal
· Geektionary
· Useful Links
· About Us

· Copyright
· Privacy
· Terms of Service
· How to Uninstall

1. Smart Defrag

2. Macrium Reflect FREE Edition

3. Visual C++ Redistributable Runtimes AIO Repack

4. K-Lite Mega Codec Pack

6. Mozilla Firefox

7. Microsoft Expression Web

8. Visual C++ Runtime Installer (All-In-One)

9. Sergei Strelec's WinPE

10. McAfee Removal Tool (MCPR)

What is a WebP Image?

How to Manage Virtual Memory (Pagefile) in Windows 10 /11

Enable, Disable, Manage, Delete or Create a System Restore Point

Backing Up Your Data Effectively: A Geek's Guide

How to Properly Use Microsoft System File Checker in Windows 11 and 10

Show Your Support for MajorGeeks a Donation

Resolving Strange PC Errors: The Role of RAM in System Performance

How to Fix Critical Process Died in Windows 10/11

Every Known Windows Terminal, Command Prompt and PowerShell Command

How to Get Dark Mode Back in Google Chrome and Improve it

New Ransomware Acts Like Windows Update

Posted by: Timothy Weaver on 08/27/2016 10:17 AM [ Comments ]

A new ransomware, discovered by AVG malware researcher Jakub Kroustek, disguises itself as a Windows Update.

Called Fantom, the malware displays a fake update window while the victims files are encrypted. To try to hide the activity of the file, if you check properties of the file it will say it is a Microsoft product called critical update kb01.

The fake update screen even has a counter that looks like it is making progress in updating the system. However, this is just a ruse to give the malware time to encrypt the files. You can remove the update screen by hitting Ctrl+F4 keyboard combination. This closes the screen but does not stop the ransomware.

Once the files are encrypted, the malware will display a ransom note giving the victim his ID key and contact info for paying the ransomware with email addresses of fantomd12@yandex.ru or fantom12@techemail.com.

There is no fix for the ransomware at this time.

Source: BleepingComputer

Comments

comments powered by Disqus

© 2000-2024 MajorGeeks.com

Powered by Contentteller® Business Edition