Just days after Microsoft released its latest operating system, hackers have begun targeting soon-to-be Windows 10 users with an emerging kind of malware.
Cisco security researchers are warning users against opening email attachments purporting to be from the software giant. The "ransomware" malware, which encrypts files until a ransom is paid, is being sent as part of an email spam campaign.
In a blog post, Cisco researcher Nick Biasini said the attackers are "impersonating Microsoft in an attempt to exploit their user base for monetary gain."
The emails claim that the attachment includes an installer that allows users to get the new operating system sooner.
"The fact that users have to virtually wait in line to receive this update, makes them even more likely to fall victim to this campaign," said Biasini.
Once a user downloads and opens the attached executable file, the malware payload runs, encrypting data on the affected computer and locking the owner out.
Often, the user is forced to pay in bitcoin, which is far more difficult to trace than a payment made through a traditional bank account. And because the attackers communicate with a command server over the Tor anonymity network, they are almost impossible to trace.
Biasini said the malware payload, called CTB-Locker, is being delivered at a "high rate."
"The functionality is standard however, using asymmetric encryption that allows the adversaries to encrypt the user's files without having the decryption key reside on the infected system," said Biasini.
That means that there's no clear way to get the decryption key until the ransom is paid.
Ransomware attacks have been on the increase since the start of 2015 as a quick, easy, and often near-untraceable way to generate vast sums of money in a short space of time.
Over a period of more than a year, a division of the FBI received almost 1,000 complaints related to crypto-locking malware, which cost consumers $18 million in losses.