VIA HOTHARDWARE -
A security researcher for AVG has discovered a new piece of ransomware called Fantom that masquerades as a critical Windows update. Victims who fall for the ruse will see a Windows screen acting like it's installing the update, but what's really happening is that the user's documents and files are being encrypted in the background.
Fantom is based on the open-source EDA2 ransomware project, and unfortunately there's no way to decrypt the files without the culprit's help. Plain and simple, you're in a bad spot if you happen to fall for this one. While savvy computer users might spot the ransomware as a malicious attempt to wreak havoc, it's easy to see how a less experienced user could be tripped up by this one.
The scam starts with a pop-up labeled as a critical update from Microsoft. Once a user decides to apply the fake update, it extracts files and executes an embedded program called WindowsUpdate.exe. From there it appears as though Windows is applying updates complete with a percentage counter and a warning not to turn off your computer. Once initiated, the user can close the screen by pressing Ctrl+F4, but that doesn't stop the ransomware from encrypting files in the background.
All users should be aware that windows updates notices will never come from browser pop-ups, if you have any questions call us here at Sierra before accepting any windows updates that appear out of the norm.
Read Original article here: http://hothardware.com/news/fantom-ransomware-poses-as-windows-update-encrypts-files#28VlRJV8MYF2Rvvy.99