Security Advisory: New Ransomware Variant Disguises Itself as Microsoft Windows Update

Cybercrime is an unfortunate part of doing business these days. As much as new digital security measures help to keep consumers safe, there will always be cybercriminals working day and night to find new ways to infiltrate professional I.T. environments.


One of the most common threats operating today, ransomware, works by encrypting a victim’s files (making them unreadable) and offering the key to recover them only after a ransom has been paid. A recently discovered variant of ransomware mimics the Windows Update process, which many users have grown used to and wouldn’t give a second thought to.

Labeled “CriticalUpdate01.exe,” this ransomware works by extracting a file and displaying the usual Windows Update screen. While you wait for the false update process to complete, the ransomware is quickly encrypting all your files, after which it will provide you with instructions to pay the ransom through a Russian email account. At that point, there’s little to be done, as there is currently no way to decrypt the files.

This is why it’s so important to take the necessary precautions to develop safe practices at your place of business, such as:

  • Back up regularly and keep a recent backup copy off-site. Ransomware (in addition to fires, floods, theft, accidental damage and human errors) can quickly lead to data loss, so be sure to back up your data on a regular basis.
  • Don’t enable macros in document attachments received via email, as most malware infections require you to do so for them to work.
  • Be cautious about unsolicited email attachments. If in doubt, call the sender to confirm they meant to send you the file and for what purpose. 
  • Ensure Windows’ auto-updates are turned off, and be sure to scrutinize the pending updates carefully. If you’re ever unsure, have the update inspected by a professional to ensure you’re not dealing with ransomware.
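
One way to scrutinize a file that presents itself as a Windows update, shown as an added example that is not part of the original advisory: the PowerShell function below checks the file's Authenticode signature and treats anything not validly signed by Microsoft Corporation as suspect. The function name Test-PurportedWindowsUpdate and the Downloads folder path are illustrative assumptions.

```powershell
# Added example (not from the advisory). Function name and folder are hypothetical.
function Test-PurportedWindowsUpdate {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipelineByPropertyName)]
        [Alias('FullName')]
        [string]$Path
    )
    process {
        # Read the embedded or catalog Authenticode signature, if any.
        $sig     = Get-AuthenticodeSignature -LiteralPath $Path
        $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }

        # Assumption: a genuine Microsoft update package carries a valid
        # signature whose signer organization is Microsoft Corporation.
        # An unsigned file, a broken signature or another signer fails the check.
        $signedByMicrosoft = ($sig.Status -eq 'Valid') -and
                             ($subject -match '(^|,\s*)O=Microsoft Corporation(,|$)')

        [pscustomobject]@{
            Path            = $Path
            SignatureStatus = $sig.Status
            Signer          = $subject
            # Hash is recorded so the file can be referenced when escalating.
            SHA256          = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
            Verdict         = if ($signedByMicrosoft) { 'Signed by Microsoft' }
                              else { 'Do not run; have it inspected' }
        }
    }
}

# Check every executable in the Downloads folder whose name looks like an update,
# for example a file named CriticalUpdate01.exe.
Get-ChildItem -LiteralPath "$env:USERPROFILE\Downloads" -Filter '*.exe' -File |
    Where-Object Name -Match 'update' |
    Test-PurportedWindowsUpdate
```

A passing signature check shows only who signed the file; anything that fails it should not be run.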

Want to know more about keeping your business safe from the latest threats? Get in touch with Praxis Data Systems, Inc. right now at (856) 679-2256 or send us an email to discuss reliable I.T. security solutions and practices.
