CTB-Locker ransomware being pushed by fake Windows 10 Update emails

as originally posted on bleepingcomputer.com

With the highly publicized release of Microsoft’s Windows 10 on July 29th, scammers and malware developers were quick to jump in and use it as a method of distributing malware. Cisco’s Talos Group has discovered an email campaign underway that pretends to be from Microsoft and contains an attachment that will supposedly allow you to upgrade to Windows 10. In reality, though, this email is fake and once you double-click on the attached file, you will instead become infected with the encrypting ransomware CTB-Locker.

Image of fake Windows Update Email courtesy of Cisco
As you can see, the email pretends to be from the email address update@microsoft.com and contains the subject Windows 10 Free Update. Even the email message looks legitimate with no spelling mistakes or strange grammar. This is because the content is copied directly from Microsoft’s site. The only tell-tale sign is that there will be some characters that do not render properly. Unfortunately, this small sign will not be enough for many people to notice.

Furthermore, once they download the attachment and extract it, the attached Win10Installer.exe icon will be the familiar Windows 10 logo.

It isn’t until you inspect the file properties of the attachment that you see something is not right: its file description will be iMacros Web Automation and the copyright for the program will belong to Ipswitch. Ipswitch is a legitimate company and not the one that released this malware.
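The same properties check can be done from PowerShell without opening or running the file. The following is an added example, not part of the original article: the function name `Test-ClaimedMicrosoftBinary`, the path, and the "Microsoft" string heuristics are assumptions made for illustration.

```powershell
# Added example: read-only metadata triage for an executable that claims to be
# a Microsoft installer. It never executes the file.
function Test-ClaimedMicrosoftBinary {
    [CmdletBinding()]
    param([Parameter(Mandatory)][string]$Path)

    $file = Get-Item -LiteralPath $Path -ErrorAction Stop
    $vi   = $file.VersionInfo   # same fields shown under Properties > Details
    $sig  = Get-AuthenticodeSignature -LiteralPath $file.FullName
    $findings = @()

    # Version-resource strings are chosen by whoever built the file, so a
    # "Microsoft" string proves nothing, but a different vendor on a supposed
    # Windows upgrade tool is the mismatch the article describes.
    foreach ($field in 'CompanyName', 'LegalCopyright') {
        if ($vi.$field -notmatch 'Microsoft') {
            $findings += "$field is '$($vi.$field)', not Microsoft"
        }
    }

    # A renamed binary often keeps its original name in the version resource.
    if ($vi.OriginalFilename -and $vi.OriginalFilename -ne $file.Name) {
        $findings += "OriginalFilename '$($vi.OriginalFilename)' differs from '$($file.Name)'"
    }

    # The Authenticode signature is the stronger check: it cannot simply be
    # typed in. The O= match is a heuristic (assumption), not a full chain policy.
    if ($sig.Status -ne 'Valid') {
        $findings += "Authenticode status is $($sig.Status)"
    } elseif ($sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
        $findings += "Signed by '$($sig.SignerCertificate.Subject)'"
    }

    [pscustomobject]@{
        File            = $file.Name
        FileDescription = $vi.FileDescription
        LegalCopyright  = $vi.LegalCopyright
        SignatureStatus = $sig.Status
        Suspicious      = ($findings.Count -gt 0)
        Findings        = $findings
    }
}

# Placeholder path: point this at the extracted attachment.
$sample = '.\Win10Installer.exe'
if (Test-Path -LiteralPath $sample) {
    Test-ClaimedMicrosoftBinary -Path $sample | Format-List
}
```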

Finally, if a user double-clicks on the Win10Installer.exe file, they will not be greeted with the normal Windows 10 upgrade screen. Instead, after a brief delay they will be shown the screen for the CTB-Locker ransomware.

On a Personal Note…

Recently I volunteered to help Furry RP Haven forum with their social media. Their chief admin Cethlenn then put me in charge of their Facebook page Furry Chat & Roleplayer’s Haven. Look even I know these kinds of fb pages tend to be…why lie…boring. When all they talk about is what problems are happening. I told them before I made my 1st post that I wasn’t going to run it like that. I wanted it to be a page you want to come back to. Just to see what new and interesting thing has been posted there like many other fb pages. Well so far, so good, in the few days it has been since I took over. The number of hits has tripled, from 11 to 39. I know that seems small, but when I started this blog 6 years ago I was lucky to get 10 hits a week.

So if you’re on Facebook I invite you to check it out. Right now I am limiting myself to just 2 posts a day. All I can say is it will be furry, it will be clean, whatever I post there. If you have any suggestions for posts, contact me directly on Facebook. I am Justin Jackalope there.

Fur The More 2015 dance competition – Cookie

You Can’t Make This Up

A 12 metre (40ft) Minion caused traffic chaos in Dublin, Ireland after it escaped from a nearby fairground and landed on a busy road.

The Gardai – the Irish police – were called to the Santry area of Dublin at 3pm on Monday. With the help of passers-by they managed to let the air out of the yellow inflatable, a promotional character from the film Minions which began life in the hit animation Despicable Me.