IT House news on May 1, Magniber ransomware has previously carried out a series of intrusion activities, such as through vulnerabilities. The latest tactic is to spread through fake Windows 10 updates.
According to BleepingComputer, user reports of new Magniber ransomware have been discovered around the world. This ransomware masquerades as a Windows 10 update package that induces users to download it on some third-party websites, and here are some of these fake malicious updates:
Win10.0_System_Upgrade_Software.msi
Security_Upgrade_Software_Win10.0.msi
System.Upgrade.Win10.0-KB47287134.msi
System.Upgrade.Win10.0-KB82260712.msi
System.Upgrade.Win10.0-KB18062410.msi
System.Upgrade.Win10.0-KB66846525.msi
After installing the ransomware, it deletes the backup files of the encrypted drive and creates a "README" HTML file that contains a method to de-ransomware, the purpose of which is, of course, to demand a ransom.
The ransomware payment site shows that the victim is asked to pay about $2,600 (about 17,238 yuan) or 0.068 bitcoins, and if the payment is not made within five days, the ransom will be doubled.
Therefore, in order to avoid being invaded by ransomware, IT home partners are best not to download unofficial resources such as Windows updates on unreliable websites, and can be downloaded directly on the Microsoft update directory website.