New Big Head virus under the guise of a Windows update blocks the PC and extorts money
July 12, 2023
You need to pay in cryptocurrency via Telegram.
Cybersecurity experts at Trend Micro discovered a virus called Big Head. It is distributed on the Web under the guise of advertising a Windows update and a Microsoft Word installer.
After the infected file is activated, an animation appears on the computer screen that simulates an OS update. The user is then notified that the PC has been locked. The message also says that in order to restore the system, you need to contact the hackers on Telegram and pay a ransom in cryptocurrency.
In addition, Big Head encrypts all available Windows backups so that the user cannot restore the system on their own. At the same time, the malware does not touch files in the Recycle Bin, Program Files, Temp, Program Data, Microsoft, and App Data directories, which keeps the OS working.
For Russian users, apparently, the ransomware does not yet pose a threat. Experts found that Big Head checks the system language before starting work, and if one of the languages used in the CIS countries is selected in the settings, the malware does not run.
Trend Micro found three variants of Big Head. All of them use standard encryption methods "without any sophistication" and are aimed at ordinary users who "can be fooled with simple tricks."
KELA, a company specializing in the search and analysis of cyber threats, found out that the traces of intruders lead to Indonesia.