Ransomware: Fantom pretends to be a critical Windows update
Windows Update has brought us some trouble during the last months: First there were many complaints because you couldn't decline or postpone updates in Windows 10 any longer. The Microsoft smuggled the free update to Windows 10 onto your computer disguised as a critical update. And now ransomware...
Of course, ransomware Fantom does not come from Microsoft, although the meta data say so. It is disguised as a critical update and starts and update screen that looks like the one in Windows 10. While you wait for the "update" to finish, Fantom will encrypt all your personal data. The next step is a message in rather bad English asking you to send your ID to an email address and to pay a certain amount of money, usually in virtual currency Bitcoin to get your data back.
AVG's Jakub Kroustek has discovered the ransomware and bleepingcomputer.com was one of the first websites to write about it. At the moment, there is no possibility to get your data back other then paying the fee. Altough there is no guarantee that after you paid, you will hear anything from the blackmailers. Usually, there should be a solution within the next weeks, that was the case for earlier ransomware infections. Victims can register in this forum and get notified when there is a solution.