Magniber ransomware has been updated with new capabilities. Although the ransomware has not changed much, it now targets Windows 11 systems.
Magniber Ransomware
- The propagation method is still the same as in previous attacks in April, including downloads from forums, cracked software websites, and fake porn websites.
- Whenever a user visits distribution websites, they are prompted to download from third-party network disks.
Additional Insights
Magniber uses the RSA+AES encryption to encrypt files, in which RSA uses 2048 bits, which is hard to crack.
- After being encrypted by the ransomware, the file gets a random suffix added to it.
- Each victim has an independent payment page. The victim is asked to pay a ransom of 0.09 Bitcoin within five days, or the ransom will be doubled.
- If the ransom is not paid within a limited time, the payment link will become invalid.
Earlier attack
In April, attackers used Fake Windows 10 updates to spread Magniber in a large-scale attack campaign. At that time, they used the same distribution methods for spreading the malware.
Conclusion
Magniber operators updating their ransomware to target Windows 11 indicates the continuous efforts made by the ransomware group to keep their malware effective. Thus, experts suggest users avoid downloading unknown programs from unknown sources. Always stay alert and use official sites to download software.
Publisher
/https://cyware-ent.s3.amazonaws.com/image_bank/insider-threat.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/06db_shutterstock_1302949384.jpg)
