The tech blog BleepingComputer.com is warning users that a fake Windows 10 upgrade circulating since April 8 can infect their computers with the Magniber ransomware.
“Fake Windows 10 updates are being used to distribute the Magniber ransomware in a massive campaign that started earlier this month,” the online blog reported. “Over the past few days, BleepingComputer has received a surge of requests for help regarding a ransomware infection targeting users worldwide.”
According to the blog, the fake updates are distributed under a variety of names including Win10.0_System_Upgrade_Software.msi and Security_Upgrade_Software_Win10.0, msi, which are the most common.
The malicious software then locks and encrypts the user’s files, forcing them to pay a hefty 0.068 in Bitcoin, or $ 2,609 to “free” the computer files, according to the blog.
Magniber is considered “secure” and does not have any weaknesses that could be exploited other than to pay the amount demanded to unlock the files.
The ransomware started out mainly impacting South Korean computers and is “currently under active development” and targeting individual students and consumers rather than larger enterprise users, according to the blog.
That means that the amount of “ransom” is usually more than the user can pay to unlock the files.
Earlier this year, the malicious software targeted users of the Microsoft Edge and Google Chrome web browsers, disguising itself as a legitimate update package, notebookcheck.net reported in January.
According to that report, the ransomware exploits a vulnerability in Windows that sees the files as legitimate updates and opens them for installation where it targets a “protected” folder for Microsoft apps.
“Therefore, it goes without saying that users should be careful while downloading files from various sources,” the article said. “Even signed .appx files can be potentially dangerous when obtained from unverified sources. Ensure that your critical data is always backed up and your security software’s definitions are up to date.”
According to the reports, users infected with the ransomware can obtain a “key” to unlock the files after they pay the demanded amount, and they will likely direct infected users to a site with software allowing them to pay the ransom and get the key.
“The easiest way to protect yourself from Magniber is to not install manual updates for your browser unless you specifically downloaded it from the Google Chrome or Microsoft Edge website,” an article on the issue from makeuseof.com said earlier this year. “That’s because these modern browsers automatically update themselves by default. This happens every time you close and open it.”
© 2022 Newsmax. All rights reserved.