Threat actors are after individual consumers, disguising ransomware as fake antivirus or Windows software updates and demanding $2,500 in bitcoin to restore access.
The so-called big game hunting ransomware attacks are typically used to target high-value organizations, with threat actors hoping to harvest millions of dollars in a single attack.
Worryingly, the HP Wolf Security Threat Research Team recently noticed ransomware gangs pursuing smaller targets, as well.
In September, researchers uncovered an attack vector where an individual user is prompted to install an "important" antivirus or Windows 10 software update.
"It uses local privilege escalation to allow hackers to take full control of systems without the user's authority, ultimately encrypting files and redirecting users to a webpage demanding the ransom," the HP Wolf Security blog reads.
The attackers used clever techniques to avoid detection, such as running malicious code in computer memory rather than dropping the payload on-disk and bypassing antivirus software.
"Users can reduce risk by making sure updates are only installed from trusted sources, checking URLs to ensure official vendor websites are used, and backing up data regularly to minimize the impact of a potential data breach," Patrick Schläpfer, malware analyst at HP Wolf Security, said.
More from Cybernews:
Subscribe to our newsletter