3 May 2022

Fake Windows 10 update delivers Magniber ransomware 


Fake Windows 10 update delivers Magniber ransomware 

Hackers are distributing fake Windows 10 updates to infect users with the Magniber ransomware.

According to the technology news site BleepingComputer, multiple users have reported infections after they installed what is believed to be Windows 10 cumulative or security update. The updates are distributed under various names, for example, Win10.0_System_Upgrade_Software.msi or Security_Upgrade_Software_Win10.0.msi.

The massive campaign, which have begun on April 8, 2022, is using fake warez and crack websites for malware distribution. BleepingComputer notes that this campaign mainly targets students and consumers rather than businesses.

Once installed on a victim’s device, the ransomware will delete shadow volume copies and encrypt files adding the .gtearevf extention. It also creates ransom notes with instructions on how to pay a ransom (approx. 0.068 bitcoins).

The Magniber ransomware is considered secure, meaning that it does not contain any weaknesses that can be exploited to recover files for free.


Back to the list

Latest Posts

Interpol arrests suspected leader of Nigerian cybercrime gang involved in BEC attacks

Interpol arrests suspected leader of Nigerian cybercrime gang involved in BEC attacks

The suspect registered 240 domains, 50 of which were used as command-and-control domains for the ISRStealer, Pony, and LokiBot malware.
26 May 2022
US automaker General Motors hit with credential stuffing attack

US automaker General Motors hit with credential stuffing attack

Social Security numbers and driver’s license details weren’t compromised, the company said.
25 May 2022
Popular Python and PHP libraries altered to steal AWS keys

Popular Python and PHP libraries altered to steal AWS keys

In both cases the attacker appears to have taken over packages that have not been updated in a while.
25 May 2022