Currently, there are more than 800 million Windows 10 users across the globe while vast numbers of users are still using Windows 7. These stats may not come as surprise but they do make Windows users a lucrative target for cybercriminals.
On October 3rd, 2019, a trojan horse was discovered which pretends to be a security scanner by Microsoft but in reality, it is everything evil but so. A cybersecurity researcher named Xavier Mertens first posted a screenshot of the email he received from the scammers prompting him to download the malware:
Phishing email (Screenshot: Xavier Mertens)
To start with, it can clearly be seen that the sender’s email address has not been spoofed to breathe in an air of authenticity. This blunder alone should be sufficient for most to realize that it is not a legitimate email but for the sake of exploration, we’ll continue.
Upon downloading, we are presented with a WSS.zip archive file which contains the executable file of the fake scanner. Once one runs it, they are presented with a ransomware warning a few moments later unfolding the entire scheme:
It’s not surprising that Bitcoin is their preferred currency but given some astonishing malware mimics windows scanner infect ransomware
