A team of researchers found something nasty that forces your Windows 10 PC to reboot to Safe Mode and exploits it.
Another day, another piece of Windows 10 that is broken. We are fast becoming accustomed to these problems with Windows 10 and this latest threat, found by a team of researchers, is particularly vicious.
It’s no secret to anyone that the latest Windows 10 updates have been somewhat controversial. While they provide patches to kill off bugs from previous updates, it seems that all they do is create even more issues and now we have a brand-new problem – updates filled with fake ransomware.
The researchers who identified the latest bug work for Sophos Labs, one of the top security software companies. They have been constantly monitoring several Windows 10 ransomware threats that target a Safe Mode vulnerability.
They first identified it in mid-October and the malware, named Snatch, forces a computer to reboot to Safe Mode – here, most security software and many other vital programs are disabled. Sophos says, “Snatch can run on most common versions of Windows, from 7 through 10, in 32- and 64-bit versions. The malware we’ve observed isn’t capable of running on platforms other than Windows.”
Once a device has been successfully penetrated by the ransomware, a Bitcoin ransom demand will follow. According to the researchers’ report, at least 12 demands were made between July and October 2019, with the ransoms valued between $2,900 and $51,000 in Bitcoin.
How to Avoid Getting Caught
First, Sophos is recommending that organizations don’t use remote desktop access if they don’t have the proper protections in place. If need be, a VPN should be used to provide protection to the network. And it goes without saying that MFA (multi-factor authentication) should be in place too.
As always, common sense goes an awfully long way – avoiding dodgy websites, links in emails, downloading unknown files and so on. Most of the time, your antivirus software will kick up an alert, sometimes even a browser will, but you shouldn’t rely on those to save you.
The same commonsense approach applies to consumer users too.