The process takes about 30 seconds
Computer security researchers at FortiGuard Labs have published their findings regarding a ransomware Trojan that infects devices by disguising itself as critical updates to the Windows operating system.
The Big Head malware displays a fake Windows Update screen and encrypts files in the background. At this time, the user is waiting for his computer to complete the proposed Windows update. The process takes about 30 seconds.
Beware: Ransomware masquerades as a critical Windows update and can delete backups
There is also another option, “Option B”, which uses a PowerShell file called “cry.ps1” to encrypt files.
The same malware was investigated by Trend Micro. The firm found that the ransomware also checks virtual environments such as Virtual Box or VMware and even removes backups, which makes it quite intimidating.
