Fake Windows update has ransomware

Fake Windows update has ransomware


Cybercriminals are getting smarter, misleading people into clicking on malicious links, thus downloading viruses onto your computer. Fantom is a new form of dangerous ransomware that is disguised as a Windows update. Ransomware will encrypt your files and hold them hostage for a price.

Jakub Kroustek at AVG discovered Fantom, the virus is so advanced that it is not seen by your virus protection. The dangerous files appear legit thanks to the properties that lists details like Microsoft’s copyright and trademark information. Criminals are going above and beyond to mask their intrusions.

As soon as the file is downloaded, another file will be executed by your computer called WindowsUpdate.exe, which doesn’t raise any suspicion. During this process all files are being encrypted and after the encryption is done, a screen appears that informs you that all of your files have been encrypted; also informing the user to email for further instructions as all the files will be destroyed if no response is made within a week.

Unfortunately there is no decryption key available for Fantom even though it appears to be very similar to other randsomware. It is believed that the source of the ransomware is a Russian-speaking hacker, but it is impossible to accredit Fantom to anyone at present.