Jump to content
  • Beware: Magniber ransomware now spreading via fake malicious Windows updates

    Karlston

    • 1 comment
    • 512 views
    • 2 minutes
     Share


    • 1 comment
    • 512 views
    • 2 minutes

    The Magniber ransomware, which has been around for a while, is apparently spreading via fake Windows 10 updates in its latest campaign. Back in 2021, the Magniber threat actors were using the PrintNightmare exploit to infect victims, and recently in January 2022, it was spreading via Microsoft Edge and Chrome.

     

    This new report comes via BleepingComputer which noticed a lot of user reports regarding this new infection that seems to be affecting people worldwide. The malicious updates pretend to be real and some of them even have fake knowledge base (KB) IDs attached with them. Here are some of these fake malicious updates:

     

    • Win10.0_System_Upgrade_Software.msi
    • Security_Upgrade_Software_Win10.0.msi
    • System.Upgrade.Win10.0-KB47287134.msi

    • System.Upgrade.Win10.0-KB82260712.msi

    • System.Upgrade.Win10.0-KB18062410.msi

    • System.Upgrade.Win10.0-KB66846525.msi

       

    These malicious updates are being spread via warez and piracy websites. Here is one such example:

     

    1651348656_magniber_tor_payment_site_(so

     

    Once the malicious files are installed, they go on to delete the backup volume shadow copy of the encrypted drives and creates a "README" HTML file that contains the ransom notes (shown in image on the bottom):

     

    1651348670_magniber_encrypted_files_(sou

     

    1651348664_magniber_ransom_note_readme_(

     

    On the ransomware payment site, the threat actors ask the victims to pay up around $2,600 or 0.068 bitcoins (BTC), and the ransom is set to double if five days go without payment.

     

    1651348656_magniber_tor_payment_site_(so

     

    To protect yourself from such a campaign, it is best to avoid such unofficial sources of downloading Windows updates and directly download them via your settings. You can also look for standalone updates on the Microsoft Update Catalog website.

     

    Source and images: BleepingComputer

     

     

    Beware: Magniber ransomware now spreading via fake malicious Windows updates


    User Feedback

    Recommended Comments

    its about time these criminals got their just deserts.. 1. loss of all their bitcoins.. followed shortly afterwards by their 2. LIVES.. by being shot in the head and then finally.. having the video of their execution put online as a warning to all other ramsomware creators with someone saying .. You create.. we will find you.. you will end up the same way. no prison.. just death awaits.

    Link to comment
    Share on other sites




    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...