Windows 10 has been distributed since July 2015 by means of Windows notifications and e-mails. This gives hackers an opportunity to use social engineering to trick users into downloading malware.
- The first malware to fake the Windows 10 distribution was CTB-Locker, a fairly common ransomware. In this campaign, an e-mail that appears to come from email@example.com carries an attachment that supposedly downloads Windows 10 but is in reality a .zip file that deploys CTB-Locker. Compared with other ransomware, such as Cryptowall, CTB-Locker differs by asking the victim to pay in bitcoins via a Tor site for their files to be released.
- Another campaign, in Brazil, uses similar e-mails to make victims download malware. The malware is a VBE script that brings in further malware, which captures the victim's data.
As with any event in the news, hackers exploit the release of Windows 10 to abuse the trust of users. E-mails full of spelling mistakes and attachment names with suspicious extensions should alert them.
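The attachment check described above can also be applied at the mail gateway. The following Python sketch is an added example, not code from the original article: it flags attachments with script or executable extensions and looks inside .zip attachments for the same. The extension list, the function names and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

# Assumed, non-exhaustive list of script and executable extensions.
RISKY_EXTS = {".vbe", ".vbs", ".js", ".jse", ".wsf", ".exe", ".scr", ".pif"}

def ext(name):
    """Return the final extension of a file name, lower-cased ('' if none)."""
    dot = name.rfind(".")
    return name[dot:].lower() if dot > 0 else ""

def flag_attachments(raw_message):
    """Return (attachment name, reason) pairs, looking inside .zip archives."""
    findings = []
    for part in message_from_bytes(raw_message).walk():
        name = part.get_filename()
        if not name:
            continue
        if ext(name) in RISKY_EXTS:
            findings.append((name, "risky extension " + ext(name)))
        elif ext(name) == ".zip":
            try:
                with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                    members = zf.namelist()
            except zipfile.BadZipFile:
                findings.append((name, "unreadable archive"))
                continue
            for member in members:
                if ext(member) in RISKY_EXTS:
                    findings.append((name, "archive contains " + member))
    return findings

def build_sample():
    """Constructed sample mail: a zip holding an .exe, plus a .vbe script."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Win10Installer.exe", b"inert placeholder bytes")
    msg = EmailMessage()
    msg["Subject"] = "Windows 10 Free Upgrade"
    msg.set_content("Constructed test message.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="Win10Installer.zip")
    msg.add_attachment(b"inert placeholder bytes", maintype="application",
                       subtype="octet-stream", filename="upgrade.pdf.vbe")
    return msg.as_bytes()

print(flag_attachments(build_sample()))
```

Only the final extension is compared, so a double extension such as `upgrade.pdf.vbe` is still caught.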