Watch out for this new malicious ransomware disguised as Windows updates

Follow my expert tips to prevent yourself from being the next victim

Is that really a Windows update you are about to click on? Or ransomware in disguise? As first documented by Fortinet FortiGuard Labs and followed up by Trend Micro, new ransomware is currently on the rise and disguising itself as fake Windows updates and Word installers as part of a malvertising campaign. Also, multiple variants of this ransomware have been discovered. 

Here's what we know so far and what you can do to protect yourself.

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK TIPS, TECH REVIEWS AND EASY HOW-TO’S TO MAKE YOU SMARTER

What does this new ransomware do?

The ransomware, which is called Big Head, infects devices and encrypts the device's files by displaying a fake Windows update alert on the victim's computer. Three encrypted executable files are deployed in the attack – one for propagating the malware, one for facilitating communications via Telegram, and one for encrypting the files and displaying the fake Windows update. 

If a person clicks on this fake Windows update alert, Big Head will begin its attack by deleting backups, checking the virtualized environment, disabling the computer's Task Manager to prevent the user from deleting it, and more.

Trend Micro flow chart

The ransomware, which is called Big Head, infects devices and encrypts the device's files by displaying a fake Windows update alert on the victim's computer. (Trend Micro)

There have also been variants discovered of the Big Head ransomware that are capable of stealing web browser history, directory lists, running processes, product keys and network information. Most of the samples of this ransomware have been submitted from the U.S., France, Turkey and Spain.

RUSSIAN RANSOMWARE ATTACK SOFTWARE TARGETS APPLE MAC AND MACBOOK

What can I do to protect myself from this ransomware?

Ransomware criminals will try to get you to pay money to them to get your files back. However, paying the ransom does not guarantee that you will regain access to anything a criminal takes from you and will only permit them to do it more.

Your best bet is to prevent an attacker from gaining access to your files altogether so that you don't have to try to fight to get them back. Here are some of my tips for avoiding having your files stolen in a ransomware attack.

Avoid sketchy-looking emails

If you receive an email from an address you do not recognize, don’t open it. If you open it by mistake, avoid clicking any links or opening any attachments within the email. This is a classic method that cybercriminals use to try to trick you into thinking that the message is from someone important.

HOW TO BACK UP YOUR MAC COMPUTER

Have good antivirus software 

Keeping hackers out of your devices can be prevented if you have good antivirus software installed. Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links which may install malware or ransomware on your devices, allowing hackers to gain access to your personal information. Plus, it's designed to tell you when there is already malware on your device so that you can immediately work toward getting rid of it. 

See my expert review of the best antivirus protection for your Windows, Mac, Android and iOS devices by visiting Cyberguy.com/LockUpYourTech

Back up your files on an external hard drive 

I highly advise you to create backups of your information on an external hard drive and store it securely in a safe location. This process involves regularly making backup copies and then disconnecting the external drive from your computer for added safety. You should store the disconnected drive in a secure place like a fireproof safe or a safety deposit box. By keeping the drive unplugged when not in use, you significantly minimize the risk of unauthorized access to your data by hackers.

To learn more about the great devices you can use to back up your important files, visit Cyberguy.com/BackUpDevices

HOW TO BACKUP YOUR WINDOWS COMPUTER

Use a cloud service 

The great thing about cloud storage is how flexible it is. If you ever need extra storage room, you can get it right away (though it does come with a price tag). However, there's a major downside to consider: you can't be sure who has access to your stored data. Just so you know, the term "cloud" is more of a metaphorical concept. Your data resides on servers owned by someone else, leaving it potentially vulnerable to hackers, snoopers and other unscrupulous individuals.

To learn more about the best cloud services you can use to back up your important files, visit Cyberguy.com/BackupDevices

Keep software up to date

Regularly update your operating system, antivirus software, web browsers and other applications to ensure you have the latest security patches and protections.

Kurt's key takeaways

Attacks like these are scary, especially when the attacker is disguising themselves as a legitimate company like Microsoft. This is why you have to be extremely careful before you click on any links or open any attachments that are sent to you out of the blue. Make sure you follow my tips, and don't be so quick to judge everything that you see right away.

CLICK TO GET THE FOX NEWS APP

Why do you think the U.S. has been a major target of this ransomware? What more should authorities be doing to stop it? Let us know by writing us at Cyberguy.com/ContactFor more of my security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Copyright 2023 CyberGuy.com.  All rights reserved.