{"id":7608,"date":"2022-10-13T17:40:03","date_gmt":"2022-10-13T08:40:03","guid":{"rendered":"https:\/\/cyberenso.jp\/?p=7608"},"modified":"2022-11-21T17:44:11","modified_gmt":"2022-11-21T08:44:11","slug":"magniber-ransomware-targets-windows-home-users-as-fake-security-updates","status":"publish","type":"post","link":"https:\/\/cyberenso.jp\/en\/magniber-ransomware-targets-windows-home-users-as-fake-security-updates\/","title":{"rendered":"Magniber ransomware targets Windows home users as fake security updates"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

Recent observations of the Magniber ransomware have revealed that the recent campaign that uses Magniber ransomware has been targeting Windows home users with fake security updates. It was observed in September that the threat actors had created websites that promoted fake antivirus and security updates for Windows 10. These websites hosted malicious ZIP archives that contained JavaScript that initiated an intricate infection with the file-encrypting malware.<\/p>

The threat group has previously been observed distributing the ransomware as a Windows 10 update in April 2022 and other campaigns have been using MSI and EXE files.<\/p>

Threat intelligence sources have stated that they have seen the Magniber ransomware operators demand payment of up to $2,500 for home users to receive a decryption tool and recover their files. The strain focuses explicitly on Windows 10 and Windows 11 builds.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

Recent observations of the Magniber ransomware have revealed that the recent campaign that uses Magniber ransomware has been targeting Windows home users with fake security updates. It was observed in September that the threat actors had created websites that promoted fake antivirus and security updates for Windows 10. These websites hosted malicious ZIP archives that contained JavaScript that initiated an [\u2026]<\/span><\/p>\n","protected":false},"author":1,"featured_media":7613,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,10,12,2,1],"tags":[],"class_list":["post-7608","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-latest_news","category-latest_vulnerabilities","category-read_article","category-ce_news","category-uncategorized"],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/cyberenso.jp\/wp-content\/uploads\/2022\/11\/Picture1-11.jpg?fit=1378%2C1032&ssl=1","_links":{"self":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/7608"}],"collection":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/comments?post=7608"}],"version-history":[{"count":6,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/7608\/revisions"}],"predecessor-version":[{"id":7616,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/7608\/revisions\/7616"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media\/7613"}],"wp:attachment":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media?parent=7608"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/categories?post=7608"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/tags?post=7608"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}