Fake Windows 10 update infects computers with ransomware and locks files

A group of cyber criminals is expanding a variety of ransomware via fake Windows 10 operating system updates.

As discovered by BleepingComputer, it is Magniber ransomware, which has managed to infiltrate computers via Windows download links available on illegal websites.

Several users have reported problems with distributed updates with multiple apparently valid names, such as ‘Win10.0_System_Upgrade_Software.msi‘ Y ‘Security_Upgrade_Software_Win10.0.msi‘.

LOOK: This way you can prevent them from turning off your cell phone in case of theft

Other download files presented on these web pages as purported Windows 10 updates are ‘System.Upgrade.Win10.0-KB47287134.msi’, ‘System.Upgrade.Win10.0-KB82260712.msi’, ‘System.Upgrade.Win10.0-KB18062410.msi’ and ‘System.Upgrade.Win10.0 -KB66846525.msi’.

According to data recorded by VirusTotal, the free antivirus that scans files and web pages, This ‘ransomware’ campaign began on April 8 and has had a massive worldwide distribution.

LOOK: Netflix will no longer allow you to log in with your Facebook account: what to do so as not to lose access?

Once this malware is downloaded, is capable of encrypting the relevant system files and adding a random 8-character extension on themending in ‘g.gtearevf’.

Also, an HTML file called ‘README.html’ is created that contains instructions on how to access Magniber’s payment site, called My Decryptor, to pay a ransom for stolen files.

According to data collected by BleepingComputer, the majority of ransom demands have been approximately $2,500 or 0.068 bitcoins.

LOOK: Semiconductor shortage will last until 2024, according to Intel

At the moment, this ransomware campaign is primarily targeting students and customers of Microsoft’s operating system, rather than businesses, where this type of fraud often occurs.

Source: Elcomercio

Deshawn