A fake Windows 10 update is being used to spread Magniber Ransomware Strain, reports suggest.
Ransomware continues to be a consumer and corporate tragedy, but Magniber seems to be primarily targeted at students and other non-professional users. Bleeping Computer Source.
Based on the Magnitude exploit kit, the strain first appeared in 2017 as the successor to Cerber, and was mostly targeted at Korean users at the time.
Initially, Magneti targeted users who were still using it. Internet explorer.. The ransomware gang has since expanded its reach to infection systems in China, Taiwan, Hong Kong, Singapore, and Malaysia.
Malicious Windows 10 Updates
These harmful fake Windows 10 updates are distributed through platforms such as crack sites under names such as Win10.0_System_Upgrade_Software.msi and Security_Upgrade_Software_Win10.0.msi to provide legitimate cumulative or security updates. I’m pretending to be.
Magniber creates a README.html document in each folder you want to encrypt. The document then redirects the user to a Magnet payment site called “My Decryptor”.
The Cybercriminal Ring website provides users with one free file that can be decrypted for free, and can find the cryptocurrency address to send coins if the user decides to pay the ransom. Sources also offer the option to contact the “support team.”
Demand for ransomware tends to be around $ 2,500 or 0.068 Bitcoin. Bleeping Computer I will propose. Currently, there is no known method for free decryption of files encrypted by the Magniber ransomware stock.
Fake software update covering everything from Antivirus software Flash Player Updates is a consistently popular way to trick users into downloading. Malware For years, the combination of threat and urgency effectively tricks users.
For example, a cybersecurity researcher at the Malware Hunter Team recently identified an SMS phishing campaign that receives text messages claiming that Android users must update their video uploads to complete them. Flash player..
The same SMS message provides a link to where the “update” is found and instead directs the victim to the Android banking Trojan FluBot. MalwareSteals login information by overlaying many global banks.