A fake update allegedly for the Windows 10 operating system is instead hijaking computers with ransomware.
Hundreds of PCs across the world have already fallen victim to the scam, with millions more at risk.
Known as the Magniber ransomware, it appears as a normal Windows security update.
It appears to have started spreading around the internet early last month.
While it can be distributed under different names, the most common appear to be: Win10.0_System_Upgrade_Software.msi and Security_Upgrade_Software_Win10.0.msi.
According to victims who have reported the virus to BleepingComputer, it is largely targeting students and non-professional users.
Once a computer has been infected, users are served a warning saying that all their personal files have been encrypted.
The Magniber ransomware drops a README.html document in each folder it encrypts which point users towards the hacker’s Tor payment site.
The website will provide victims with one free file that is decrypted without a charge – but forces them to pay in cryptocurrency to unlock the rest.
It seems the majority of demands have been set at around 0.068 Bitcoins, which equals out to about $2,600 or £2,000.
Microsoft has updated its support pages with strategies for combating the latest wave of ransomware attacks. But unfortunately, it cannot help anyone who has fallen for the scam.
Microsoft advises to use its anti-malware software Windows Defender but notes ‘there is no one-size-fits-all response if you have been victimized by ransomware.’
What is ransomware?
Ransomware is a type of computer virus that takes over a victim’s PC and then locks them out of their own system.
It will often encrypt or steal files from the user until a ransom is paid – often this is asked for in untraceable cryptocurrency.
Ramsomware can be small, targeting just a few isolated users, or large – infecting entire companies or governments.
Nowadays, ransomware is common and deployed freely by hackers. It first gained mass conciousnes when it brought the NHS to a standstill in 2017.
During that attack, a type of ransomware called WannaCry infected 200,000 computers in over 150 countries.
NHS England reported at least 80 out of the 236 trusts were affected by the cyber attack and locked out of their systems. In addition, 603 primary care and other NHS organisations, including 595 GP practices were also affected.
The WannaCry incident ended up costing the UK £92 million, with global costs of the malware adding up to a whopping £6 billion.
Source: Read Full Article