Online criminals have, at times, used fake software updates to con users and push malware. A recent finding revealed that an update to the Magnitude Exploit Kit, disguised as a genuine Microsoft Edge browser update, was targeting users with the Magniber ransomware.
Magniber Ransomware is targeting Microsoft Edge users
The incident involving the Magniber ransomware came to light when a team of researchers was investigating an update to the Magnitude Exploit Kit that appeared to be a regular browser update. It turned out to be a fake software update designed to con users.
Malwarebytes Threat Intelligence worked with nao_sec researchers to investigate a recently discovered update to the Magnitude Exploit Kit that was duping users with a fake Microsoft Edge browser update.
As is well known, browsers have a very confusing update schedule, but netizens find it normal to install such updates for their everyday use. So a warning message that underscores a threat and urges the user to update out-of-date software looks convincing and gives users a reason to install software from the Internet, even if it is relatively unknown.
The Magniber ransomware exploits a similar scheme. It uses social engineering to lure web users into downloading a corrupted software update and installing ransomware on their computers. So far, its targets are limited to the Asia region, particularly South Korea, but it can expand to other geographies too.
Ransomware is malware that encrypts your files or stops you from using your computer until you pay money (a ransom) for them to be unlocked. Some of the ways you can get infected by ransomware include:
- Visiting unsafe, suspicious, or fake websites.
- Opening file attachments that you weren’t expecting or from people you don’t know.
- Opening malicious or bad links in emails, Facebook, Twitter, and other social media posts, or in instant messenger or SMS chats.
The best solution for this problem is to check for the Edge update through the browser settings. If it says your browser is up to date, you can ignore the warning and take no action.