Kwararru daga kamfanin tsaro na bayanai Trustwave sun ba da rahoton gano wani babban kamfen na saƙon saƙon da ake amfani da shi don zazzage wadanda abin ya shafa na ransomware a kan kwamfutocin su a ƙarƙashin sunan sabuntawa na tsarin aiki na Windows.
Microsoft baya aika imel yana tambayar ku don sabunta Windows. A bayyane yake cewa sabon kamfen na malware yana kaiwa mutanen da ba su san shi ba.
Majiyar ta ce ana aika saƙonni zuwa ga masu amfani da taken "Shigar sabuwar sabuntawar Windows ta Microsoft a yanzu!" ko "Microsoft Windows Critical Update!" Rubutun wasiƙar yayi magana game da buƙatar shigar da mahimman abubuwan sabunta Windows, waɗanda ake zaton an haɗa su da wasiƙar, da sauri. Saƙon ya ƙunshi abin da aka makala wanda ya bayyana a matsayin hoton JPG, amma ainihin fayil ɗin .NET ne mai iya aiwatarwa. Idan kun karɓi irin wannan wasiƙar, to, a cikin kowane hali bai kamata ku gudanar da wannan fayil ɗin ba, saboda hakan zai haifar da mummunan sakamako.
Gaskiyar ita ce, fayil ɗin da aka haɗe zuwa wasiƙar shine Cyborg ransomware, wanda zai ɓoye duk fayilolin mai amfani, toshe abubuwan da ke ciki kuma ya canza tsawo zuwa .777. Kamar yadda yake tare da sauran kayan fansa, za a isar da mai amfani da fayil ɗin rubutu mai suna Cyborg_DECRYPT.txt, wanda ya ƙunshi umarni kan yadda za a warware fayilolin. Ba shi da wahala a yi tsammani cewa an nemi mai amfani don biyan kuɗin decryption, amma babu buƙatar gaggawa don yin hakan, tunda babu tabbacin hakan zai taimaka.
Masana sun ba da shawarar yin hankali da haruffan da ba a sani ba waɗanda suka fito daga mutane da ƙungiyoyi waɗanda ba a sani ba. Ya kamata ku kasance a faɗake kuma kar ku buɗe fayilolin da aka makala sai dai idan kun tabbatar da asalinsu.
source: 3dnews.ru