Big Head Ransomware: Fake Windows Updates Pose Serious Threat

A new ransomware called Big Head is being distributed through a malvertising campaign disguised as fake Microsoft Windows updates and Word installers. The ransomware encrypts files on victims' machines and demands a cryptocurrency payment. Trend Micro has analyzed the ransomware and identified its inner workings, including its ability to display a fake Windows update UI to deceive victims. The malware also deletes backups, terminates processes, and checks for virtualized environments. It disables the Task Manager, aborts itself when the system is set to certain languages, and incorporates a self-delete function. Trend Micro has detected a variant of Big Head with stealer behaviors and another variant that incorporates a file infector called Neshta. The identity of the threat actor behind Big Head is currently unknown.
- Beware of Big Head Ransomware: Spreading Through Fake Windows Updates (The Hacker News)
- 'Big Head' malware threat looms, warn researchers (SC Media)
- Beware! Big Head ransomware that looks like Windows update can also delete backups (Neowin)
- "Big Head" ransomware fakes Windows Update to trick users (Ghacks)
- New ‘Big Head’ ransomware displays fake Windows update alert (BleepingComputer)