shot-button
Ganesh Chaturthi Ganesh Chaturthi
Home > Technology News > Ransomware campaign targeting users via fake Windows 10 antivirus update Experts

Ransomware campaign targeting users via fake Windows 10, antivirus update: Experts

Updated on: 16 October,2022 12:16 PM IST  |  New Delhi
IANS |

The ransomware campaign called Magniber demands $2,500 from victims for unlocking their data, reveals HP threat research team

Ransomware campaign targeting users via fake Windows 10, antivirus update: Experts

Representational image. Pic/iStock

A ransomware campaign is targeting home users by masquerading as software updates via fake Windows 10 and antivirus installs, cyber-security researchers have revealed.


The ransomware campaign called Magniber is then demanding $2,500 from victims for unlocking their data, reveals HP threat research team.


"Notably, the attackers used clever techniques to evade detection, such as running the ransomware in memory, bypassing User Account Control (UAC) in Windows, and bypassing detection techniques that monitor user-mode hooks by using syscalls instead of standard Windows API libraries," the team explained.


Even though Magniber does not fall into the category of 'Big Game Hunting', it can still cause significant damage.

"Home users were the likely target of this malware based on the supported operating system versions and UAC bypass. The attackers used clever techniques to evade protection and detection mechanisms," the security researchers noted.

With the UAC bypass, the malware deletes the infected system's shadow copy files and disables backup and recovery features, preventing the victim from recovering their data using Windows tools.

The infection chain starts with a web download from an attacker-controlled website.

The user is asked to download a ZIP file containing a JavaScript file that purports to be an important antivirus or Windows 10 software update.

Home users can protect themselves from ransomware campaigns like this one by following this simple advice:

The HP security team said that home users should only download software updates from trusted sources as the campaign depends on tricking people into opening fake software updates.

"Back up your data regularly. Backing up your data will give you peace of mind should the worst happen," they suggested.

Also read: Ransomware as a service creates cottage industry of cybercrimes: Report

This story has been sourced from a third party syndicated feed, agencies. Mid-day accepts no responsibility or liability for its dependability, trustworthiness, reliability and data of the text. Mid-day management/mid-day.com reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever

"Exciting news! Mid-day is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest news!" Click here!

Register for FREE
to continue reading !

This is not a paywall.
However, your registration helps us understand your preferences better and enables us to provide insightful and credible journalism for all our readers.

Mid-Day Web Stories

Mid-Day Web Stories

This website uses cookie or similar technologies, to enhance your browsing experience and provide personalised recommendations. By continuing to use our website, you agree to our Privacy Policy and Cookie Policy. OK