Beware! This Fake Windows 10 update will infect your system with Magniber ransomware

Fake Windows 10 update is being rolled out to spread Magniber ransomware.

Fake Windows 10 updates are reportedly being circulated to spread the Magniber ransomware and steal users’ data, especially students and other non-professional users’ data. BleepingComputer has shared that they have received a surge of requests for help regarding this ransomware infection targeting users across the world. It initially appears to be a Windows 10 cumulative or security update. As per the VirusTotal, this appears to have started on April 8th, 2022 and has seen targeting a large number of users worldwide since then.

While it’s not 100% clear how the fake Windows 10 updates are being circulated, these are distributed under various names, like Win10.0_System_Upgrade_Software.msi and Security_Upgrade_Software_Win10.0.msi. The downloads are distributed through fake warez and crack sites.

Also read: Looking for a smartphone? To check mobile finder click here.

How these malicious Windows 10 updates work

Upon downloading the fake Windows 10 update, the ransomware delete shadow volume copies and then encrypt files. It produces a README.html document in each folder which it encrypts. The documents then redirect users to Magniber’s Tor payment page, which is called ‘My Decryptor’. The website then provides users with one free file, which it decrypts without charge, and allows the victim to find out which cryptocurrency address they would send the ransom. It also provides options to contact its “support team” for help.

The ransomware demands range around $2,500 or 0.068 bitcoin.

How to deal with fake Windows 10 ransomware?

As of now, there are no known ways of decrypting files that are encrypted by the Magniber ransomware strain.

This is not the first time that a fake software has been targeting users. There were earlier also antivirus software updates to Flash Player Updates, that have been a consistently popular method of duping users into downloading malware for years.

Recently, cybersecurity researchers from MalwareHunterTeam detected an SMS phishing campaign where Android users receive a text message asking users to complete an update to the Flash Player or else the video upload they started couldn’t be done.

The same SMS message contains a link that redirects users to Android banking trojan FluBot malware and steals login information by overlaying many global banks.

For all the latest Technology News Click Here 

Read original article here

Denial of responsibility! TechAI is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.