Tech News

They detect a malicious program that spreads through fake Windows 10 updates

A group of cyber criminals is distributing a variety of ransomwarea type of malware that encrypts and hijacks information through fake Windows 10 operating system updates.

[article_mb_code]

The software is called Magniber and managed to infect computers through Windows download links, available on illegal web pages, according to the specialized site bleeping computer.

These updates are distributed under various names, including Win10.0_System_Upgrade_Software.msi and Security_Upgrade_Software_Win10.0.msi.

[article_mb_code]

The campaign appears to have started on April 8, 2022 and has been in massive worldwide distribution ever since, specialists warn.

It’s not entirely clear how fake Windows 10 updates are promoted, but what is known is that the downloads are distributed from fake sites.

[article_mb_code]

Once he ransomware it installs itself on the computer, encrypts files, makes them inaccessible to affected users, and then asks them to pay a ransom.

The malware also creates notes called README.html in each affected folder, containing instructions on how to access the Magniber Tor payment site to pay the requested money. The amounts vary but are generally around USD 2,500 or 0.068 bitcoins.

This campaign is mainly aimed at students and final consumersrather than companies or large organizations, as in other cases.

[article_mb_code]

Safety measures

1. The main measure of care is not to download any type of file from illegal sites. Many times, users enter pages where cracked programs are offered to avoid paying the prices required for legal software and this can be counterproductive since they could end up being affected by malware.

These actions will eventually cause them more expenses, because their equipment will be affected and they could also lose valuable information.

2. Distrust. When a download link is received by mail or message to receive an update, benefit or prize, the first thing to do is check if this is true.

For that, you have to enter the official sites of the entities that are supposedly sending that content.

3. Keep the operating system up to date. When the computer or cell phone gives notice that an update needs to be downloaded, do it because in this way the security patches are received.

Of course, it is necessary to make sure that said update is genuine and actually comes from the operating system installed on the computer (Windows, macOS, Android or iOS).

4. Have a security solution. Many systems integrate a security solution that alerts against possible hacks and vulnerabilities.

For this to work properly, you have to pay attention to the warnings received, stay informed about vulnerabilities and, if necessary, add an extra antivirus to enhance care.

What to do once the computer got infected

1. In cases of ransomware, paying the requested ransom is discouraged for two reasons. The first is that doing so is motivating this type of extortion to continue to increase; and the second is that sometimes by paying the user is not sure that he will recover his information.

2. Report the theft of information to the prosecutor’s office or corresponding authority to seek to identify and stop the cybercriminals behind these hoaxes.

It is a key measure to curb the spread of cybercrime, one of the great challenges that arise today in the digital universe.

:

Tags
Back to top button