Beware! This Fake Windows 10 update will infect your system with Magniber ransomware

Fake Windows 10 update is being rolled out to spread Magniber ransomware.

Fake Windows 10 updates are reportedly being circulated to spread the Magniber ransomware and steal users’ data, especially students and other non-professional users’ data. BleepingComputer has shared that they have received a surge of requests for help regarding this ransomware infection targeting users across the world. It initially appears to be a Windows 10 cumulative or security update. As per the VirusTotal, this appears to have started on April 8th, 2022 and has seen targeting a large number of users worldwide since then.

While it’s not 100% clear how the fake Windows 10 updates are being circulated, these are distributed under various names, like Win10.0_System_Upgrade_Software.msi and Security_Upgrade_Software_Win10.0.msi. The downloads are distributed through fake warez and crack sites.

Also read: Looking for a smartphone? To check mobile finder click here.

How these malicious Windows 10 updates work

Upon downloading the fake Windows 10 update, the ransomware delete shadow volume copies and then encrypt files. It produces a README.html document in each folder which it encrypts. The documents then redirect users to Magniber’s Tor payment page, which is called ‘My Decryptor’. The website then provides users with one free file, which it decrypts without charge, and allows the victim to find out which cryptocurrency address they would send the ransom. It also provides options to contact its “support team” for help.

The ransomware demands range around $2,500 or 0.068 bitcoin.

How to deal with fake Windows 10 ransomware?

As of now, there are no known ways of decrypting files that are encrypted by the Magniber ransomware strain.

This is not the first time that a fake software has been targeting users. There were earlier also antivirus software updates to Flash Player Updates, that have been a consistently popular method of duping users into downloading malware for years.

Recently, cybersecurity researchers from MalwareHunterTeam detected an SMS phishing campaign where Android users receive a text message asking users to complete an update to the Flash Player or else the video upload they started couldn’t be done.

The same SMS message contains a link that redirects users to Android banking trojan FluBot malware and steals login information by overlaying many global banks.

Erlando F Rasatro

Next Post

5 Best Digital Marketing Agencies in Honolulu, HI

Fri Jun 3 , 2022
Below is a list of the top and leading Digital Marketing Agencies in Honolulu. To help you find the best Digital Marketing Agencies located near you in Honolulu, we put together our own list based on this rating points list. Honolulu’s Best Digital Marketing Agencies:  The top-rated Digital Marketing Agencies […]