Instead of a legitimate update, it is actually a ransomware that seeks to encrypt files on your computer. It will launch a message indicating “Windows critical update settings”. The victim, who may think that it is really a real update and needs to fix some system bug, can click and follow the process.
Fake Windows Update
A group of FortiGuard security researchers have detected ransomware, which they have dubbed big head. What it does is spoof Windows Update to make it look like a legitimate Windows Update, but it’s actually a scam. It affects home users, so it can reach anyone who does not have the necessary knowledge.
If the victim falls for the trap and that message is ignored, a screen will appear for 30 seconds of a fake update until it reaches 100%. But really what he is doing is encrypting the system files. Once it finishes, it closes and it is no longer possible to access the files, at least not the ones it has encrypted.
As usually happens in a ransomware attack, the attackers will demand a ransom to decrypt those files. The victim would have to pay money to get back everything they have blocked and not lose the documents. But of course, on many occasions even paying is useless.
As indicated by Trend Micro, this ransomware targets several European countries, including Spain. They do not know, for the moment, how exactly it is distributed. However, they suspect that it may be through a fake app. In addition, they ensure that they focus on home users and not on organizations.
How to avoid this ransomware
The good news is that there are already some antiviruses that detect Big Head as a threat. So if you have a good security program and it is up to date, it is likely to issue a warning as soon as this malicious software enters your computer. You will be able to eliminate it before it can launch that supposed system update message.
However, the best defense is always the common sense. This ransomware apparently arrives via a fake application. Therefore, our recommendation is that you always download programs from legitimate sources. You can go to the official page or use secure app stores.
You should also have the updated system. In many cases, cybercriminals take advantage of vulnerabilities that may exist and carry out their attacks. Therefore, having the equipment correctly updated will help you avoid problems. Now, logically you should install legitimate, official updates, and not fall into traps like the ones we’ve seen with Big Head.
In short, as you can see, you must be careful when update windows. It is key to do it correctly and never through files or messages that may give rise to doubts. Maintaining security and privacy is in your hand, but you should always take certain precautions. If Windows Defender does not start, it may be one of the reasons for the failure to update.
