Attackers Use Fake Windows 10 Update To Spread Magniber Ransomware

Share post:

Attackers use fake Windows 10 updates to spread the Magniber ransomware. Posts on VirusTotal showed that the attack began on April 8 and had since recorded a massive spread.

Magniber ransomware primarily targets students and consumers and not on corporate victims. The ransomware operators demand ransom, which is set at about $2,500 or 0.068 Bitcoins.

These malicious updates are distributed under various names, including Win10.0_System_ Upgrade_Software.msi and Security_Upgrade_Software_Win10.0.msi. The downloads for the fake Windows 10 updates are distributed from fake warez and crack sites.

Once the malicious updates are installed, the ransomware will delete shadow volume copies and then encrypt files.

When encrypting files, the ransomware also creates ransom note names README.html in each folder. The ransom note contains instructions on how to access the Magniber Tor payment site to pay a ransom.

The sources for this piece include an article in BleepingComputer.



Related articles

Socket develops tool to protect developers from npm vulnerabilities

Socket, a security firm, has created a new method for protecting developers from the flaws in npm, GitHub's...

Reddit relocates headquarters

Reddit's headquarters is being relocated from its current 78,000-square-foot office at 1455 Market Street at San Francisco's Mid-Market...

Meta launches Meta Verified in U.S.

Meta has launched its subscription service in the United States, allowing Facebook and Instagram users to pay for...

Google spots vulnerabilities in Exynos chips that could affect Androids

Google is urging Android phone owners, such as those who own Samsung, Pixel, or Vivo phones, to take...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways