A new wave of malware has been discovered by BleepingComputer, targeting students and consumers through false updates to the Windows 10 system. The Magniber ransomware is a type of virus that hijacks your computer and demands payment for its removal.
The malware is distributed under various names, often pretending to be a security or cumulative update for Windows 10. Downloads for fake updates are found on fake warez and crack sites.
Once installed, the Magniber ransomware will encrypt the files and erase the Shadow Volume Copies. The ransomware adds a random 8-character extension to the encrypted files and creates a ransom note called README.html.
The Magniber payment site is called “My Decryptor” and allows victims to decrypt a file for free, contact support, or determine the ransom amount and bitcoin address for payment. Most ransom demands have been around $2,500 or 0.068 bitcoins.
Unfortunately, the Magniber campaign primarily targets students and consumers, making the ransom demand too expensive for many victims. Magniber is considered safe with no weaknesses that can be exploited to recover files for free.
Protect yourself from malware by always downloading updates from legitimate sources and being cautious when downloading anything from the internet. If you suspect your computer has been infected, seek help immediately from a trusted IT professional.