Cybersecurity experts are sounding the alarm, as a massive ransomware campaign is currently underway. The malware, dubbed Magniber, encrypts users’ devices around the world, in many cases demanding thousands of dollars in ransom to regain access to the victim’s device. Additionally, the program can delete, steal, or even leak data sleeping computer.
Magniber Ransomware primarily targets Windows operating systems. Like all ransomware, it encrypts the victim’s files and demands a ransom to decrypt them. When it was released in 2017, it mostly targeted Asian countries only, but it quickly spread to other regions as well. Defense is very difficult, as they are constantly updating their encryption algorithms against decryption tools developed by cybersecurity researchers.
Malicious actors distribute the program in several ways: exploiting zero-day vulnerabilities in Windows, distributing fake Windows and browser updates, and using Trojan exploits and key generators. Additionally, attackers can distribute Magniber via phishing emails containing malicious links or attachments. hvg.
In 2018, AhnLab released a decryption tool for the ransomware, but it no longer works as cybercriminals have since patched the “bug” that allowed files to be easily decrypted. Since July, the number of victims has been rising sharply, and according to some sources, tens of thousands of ransomware infections have recently reached European users. There is currently no reliable way to decrypt files encrypted by Magniber for free.
To avoid falling victim, researchers say it’s a good idea to avoid software hacks and key generators, as they’re not only illegal, but also a common way to spread malware and ransomware. And if something goes wrong, the bad news is that even paying the ransom doesn’t guarantee your files will be restored.
