Attackers Use Fake Windows 10 Update To Spread Magniber Ransomware

Attackers use fake Windows 10 updates to spread the Magniber ransomware. Posts on VirusTotal showed that the attack began on April 8 and had since recorded a massive spread.

Magniber ransomware primarily targets students and consumers and not on corporate victims. The ransomware operators demand ransom, which is set at about $2,500 or 0.068 Bitcoins.

These malicious updates are distributed under various names, including Win10.0_System_ Upgrade_Software.msi and Security_Upgrade_Software_Win10.0.msi. The downloads for the fake Windows 10 updates are distributed from fake warez and crack sites.

Once the malicious updates are installed, the ransomware will delete shadow volume copies and then encrypt files.

When encrypting files, the ransomware also creates ransom note names README.html in each folder. The ransom note contains instructions on how to access the Magniber Tor payment site to pay a ransom.

The sources for this piece include an article in BleepingComputer.

Attackers Use Fake Windows 10 Update To Spread Magniber Ransomware

Top Stories

What a year this has been.

Top 10 reflections on information technology developments in 2025

Spotify says it has identified account behind mass scraping claimed by pirate group

Waymo suspends San Francisco robotaxi service after power outage leaves cars blocking roads

Facial recognition becomes mandatory for new mobile accounts in South Korea

Alphabet to buy data centre and energy firm to boost AI capacity

Related Articles

Facial recognition becomes mandatory for new mobile accounts in South Korea

Alphabet to buy data centre and energy firm to boost AI capacity

Apple ties critical spyware fixes to iOS 26, forcing upgrades on newer iPhones

Starlink quietly removes lowest-cost plan from U.S. market

TND Newsdesk

TND Newsdesk

Jim Love

Follow Us

Popular categories

Tech News Delivered