
They detect malware that spreads through fake updates to Windows 10

  • May 3, 2022

Data hijacking, or ransomware. (Photo: INCIBE)

A group of cybercriminals is distributing a ransomware program, a type of malware that encrypts and steals information, through fake Windows 10 operating system updates.

The program is called Magniber and has been able to infect computers through Windows download links available on illegal websites, according to the specialized site Bleeping Computer.

These updates are distributed under different names, including Win10.0_System_Upgrade_Software.msi and Security_Upgrade_Software_Win10.0.msi.

Specialists warn that the campaign appears to have started on April 8, 2022 and has since spread massively around the world.

It’s not entirely clear how the fake Windows 10 updates are being promoted, but it is known that the downloads are distributed from fake sites.

Malicious site from which the ransomware is downloaded (Bleeping Computer)

Once the ransomware installs itself on the computer, it encrypts the files, making them inaccessible to affected users, and then demands that they pay a ransom.

The malware also creates notes called README.html in each affected folder, which contain instructions on how to access the Magniber Tor payment site to pay the requested amount. Amounts vary, but are generally around $2,500 or 0.068 bitcoins.
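One way to check a folder tree for the two indicators named above, the fake installer file names and the repeated README.html notes. This is an added example, not code from the article or from Bleeping Computer; the `triage` function, the `min_folders` threshold and the assumption that the dropped notes are byte-identical copies are illustrative, and the sample tree is constructed.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

# Installer names reported in the article (compared case-insensitively).
FAKE_UPDATE_NAMES = {"win10.0_system_upgrade_software.msi",
                     "security_upgrade_software_win10.0.msi"}


def triage(root, min_folders=3):
    """Return (installer_paths, note_clusters) for the tree under root."""
    # Assumption: dropped notes are identical copies, so a README.html only
    # counts when the same SHA-256 appears in at least min_folders folders.
    # This keeps ordinary project READMEs from being flagged.
    installers, by_digest = [], defaultdict(list)
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            if name.lower() in FAKE_UPDATE_NAMES:
                installers.append(path)
            elif name.lower() == "readme.html":
                try:
                    with open(path, "rb") as fh:
                        digest = hashlib.sha256(fh.read()).hexdigest()
                except OSError:
                    continue  # unreadable file: skip it and keep scanning
                by_digest[digest].append(folder)
    clusters = {d: sorted(f) for d, f in by_digest.items() if len(f) >= min_folders}
    return sorted(installers), clusters


def build_sample_tree(root):
    """Constructed sample data: harmless placeholder files only."""
    files = {"Documents/README.html": b"<html>constructed note</html>",
             "Pictures/README.html": b"<html>constructed note</html>",
             "Music/README.html": b"<html>constructed note</html>",
             "Downloads/project/README.html": b"<html>ordinary readme</html>",
             "Downloads/Win10.0_System_Upgrade_Software.msi": b"placeholder"}
    for rel, data in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(triage(tmp))
```

A hit from either check is a reason to isolate the machine and investigate, not proof of infection; file names are trivial for the attackers to change.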

This campaign is mainly aimed at students and end users rather than companies or large organizations, as in other cases.

The cybercriminals include a document with ransom payment instructions (Bleeping Computer)

Security measures

1. The main precaution is to avoid downloading any type of file from illegal sites. Users often go to pages that offer pirated programs to avoid paying for legal software, and this can be counterproductive because they may end up affected by malicious programs.

These actions will eventually lead to more costs for them as their equipment will be affected and they may also lose very valuable information.

2. Be distrustful. When a download link arrives by email or notification offering an update, benefit, or prize, the first thing to do is determine whether it is genuine.

To do this, go to the official websites of the entities that would be publishing this content.

3. Update the operating system. When a computer or mobile phone notifies you of an update download, do so, as this is how you get security patches.

Of course, it is necessary to make sure that the update is genuine and actually comes from the device's operating system (Windows, macOS, Android or iOS).

4. Have a security solution. Many systems incorporate security solutions that warn of possible attacks and vulnerabilities.

In order for it to work properly, you should heed the warnings received, be aware of the vulnerabilities, and, if necessary, add an additional antivirus to improve protection.

What to do after a computer is infected

1. In the case of ransomware, the requested ransom should not be paid, for two reasons. The first is that paying will continue to motivate this type of extortion; the second is that paying does not always guarantee that the user will recover their information.

2. Report the theft of information to the Prosecutor’s Office or the relevant body so that it can try to identify and stop the cybercriminals behind these schemes.

This is a major measure to stop the spread of cybercrime, one of the biggest challenges facing the digital world today.


Source: Infobae
