Application security, Threat Management, Malware

New ransomware arrives as phony alert from Microsoft

A new ransomware iteration has been detected by Symantec embedded in an email message disguised as an alert from Microsoft.

The threat (freedownloadmanager.exe), dubbed Trojan.Ransomlock.AT by Symantec, is showing up primarily in the United States. The email appears to be a legitimate notice from Microsoft claiming the user's Windows license has expired and prompts the target to call a toll-free number in order to unlock their computer.

The new ransomware variant follows up on similar scams Symantec detected previously. The difference this time, the company stated, is that it now is using a recognizable name.

"What makes this different from traditional ransomware is that it appears the attackers have carefully thought out how to maximize revenue generation by using a combination of branded ransomware alongside manipulated search results," the researchers said.

Keep your OS and security software up to date, Symantec advised.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.