Notebookcheck Logo

Ransomware: Fantom pretends to be a critical Windows update

Seems that creepy writing is part of the basic look of every ransomware. (Foto: bleepingcomputer.com)
Seems that creepy writing is part of the basic look of every ransomware. (Foto: bleepingcomputer.com)
Take care: There is a new Ransomware for Windows: Fantom is based on the EDA2 ransomware project and can't be counteracted at the moment.

Windows Update has brought us some trouble during the last months: First there were many complaints because you couldn't decline or postpone updates in Windows 10 any longer. The Microsoft smuggled the free update to Windows 10 onto your computer disguised as a critical update. And now ransomware...

Of course, ransomware Fantom does not come from Microsoft, although the meta data say so. It is disguised as a critical update and starts and update screen that looks like the one in Windows 10. While you wait for the "update" to finish, Fantom will encrypt all your personal data. The next step is a message in rather bad English asking you to send your ID to an email address and to pay a certain amount of money, usually in virtual currency Bitcoin to get your data back.

AVG's Jakub Kroustek has discovered the ransomware and bleepingcomputer.com was one of the first websites to write about it. At the moment, there is no possibility to get your data back other then paying the fee. Altough there is no guarantee that after you paid, you will hear anything from the blackmailers. Usually, there should be a solution within the next weeks, that was the case for earlier ransomware infections. Victims can register in this forum and get notified when there is a solution.

Quelle(n)

Read all 1 comments / answer
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
Mail Logo
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2016 08 > Ransomware: Fantom pretends to be a critical Windows update
Florian Wimmer, 2016-08-29 (Update: 2016-08-29)