<p>A new type of ransomware threat has been detected being distributed by email. Most tech-savvy PC users probably will not be fooled by this threat, but this information could be extremely useful for others.</p>
<p><img class="alignnone size-full wp-image-3398" src="https://www.wincert.net/wp-content/uploads/2019/11/ransomware.jpg" alt="" width="640" height="426" /></p>
<p>The bogus email carries one of the following titles:<br />
<strong>&#8220;Critical Microsoft Windows Update!&#8221; or &#8220;Install Latest Microsoft Windows Update now!</strong></p>
<p>Once this e-mail is opened message body displays the following message (with capital letter typo)<br />
<strong>&#8220;PLease install the latest critical update from Microsoft attached to this email.&#8221;</strong></p>
<p>An email also carries an attachment with <strong>.jpg</strong> extension that actually is an executable (.exe) file, which downloads and installs ransomware from a remote server. Once a user clicks on the infected .jpg file a <strong>bitcoingenerator.exe</strong> will be downloaded from the Github account <strong>misterbtc2020</strong>. Luckily, the <strong>misterbtc2020</strong> account has already been removed, but that doesn&#8217;t mean another similar ransomware variant won&#8217;t emerge under a different account name.</p>
<p>Once installed the ransomware starts encrypting all of the files available on the local, removable or network drives and creates an unencrypted text file <strong>Cyborg_DECRYPT.txt</strong> on the desktop. The text file holds a ransom note with instructions on how to pay $500 in Bitcoin currency in order to receive the decryption key.</p>
<p>I&#8217;m just wondering to see what kind of users this ransomware is intended for? Not many users think that Windows Updates are deployed via e-mail, while on the other hand, those same users can easily set up a payment in cryptocurrency.</p>