In April, there was a surge in infections of Windows computers with the classic ransomware virus that was popular in the 2010s. This was written in Bleeping Computer.
According to the source, the Trojan was called Magniber and began to spread massively to computers running Windows since the beginning of April this year. Over the past few days, cybersecurity experts, including those from the Bleeping Computer team, have received a wave of complaints about Magniber from owners of infected PCs and laptops. The files on their devices were encrypted, and a text file appeared in the folders demanding a ransom through the Tor system.
Apparently, the ransomware gets on computers under the guise of a Windows 10 update file. It is usually hidden in packages Win10.0_System_Upgrade_Software.msi and Security_Upgrade_Software_Win10.0.msi, which pretend to be cumulative system updates or security patches. They are distributed on sites with pirated content. An inexperienced user might think that this is a real update and download it. Experts still do not fully understand how exactly infected packets get to regular sites.
The site to which the virus “invites” the user is called My Descryptor. On it, the victim can decrypt one file for free, and then contact the hackers, who will tell him the ransom amount and tell him where to transfer it. Usually money is required in the form of cryptocurrency. In most cases, the ransom amount is around $2500 or 0.068 BTC. After 5 days of delay, the amount is doubled.
According to experts, Magniber is considered extremely reliable software, and it is not possible to decrypt its work for free. There is only one way to protect yourself from an attack: to carefully monitor what and where you download, and even more so install it on your PC.
.
The post The virus from the 2010s is back on Windows. It infects computers very cleverly appeared first on Gamingsym.