Magniber Ransomware Making Rounds on Warez Sites Posing as Windows 10 Updates

Antivirus For Windows 10

A new ransomware campaign is making the rounds targeting Windows users who make a habit of downloading pirated content.

Serving as another reminder to stay away from warez and crack sites, the Magniber ransomware campaign reportedly started a few days ago.

Since April 27, more and more victims have been posting their stories on the BleepingComputer forum seeking a solution. According to the publication, the ransomware poses as Windows 10 updates and is being distributed through fake warez and crack sites.

Once run, the ransomware deletes shadow volume copies and then encrypts files, appending a random 8-character extension.

In typical ransomware fashion, victims are served up a ransom note instructing them to install the Tor browser and access a custom URL pertaining to their individual case.

The Magniber payment site instructs victims on how to negotiate the ransom payment in Bitcoin. Victims are allowed to decrypt one file free of charge, to establish that Magniber’s claims are not bogus.

“The only 1 way to decrypt your files is to receive the private key and decryption program,” the ransom note reads. “Any attempts to restore your files with the third party software will be fatal for your files!”

Bitdefender has been receiving an increasing number of help requests from Magniber victims in the past eight months. Unfortunately, there is currently no decryptor available for this ransomware family.

It is highly recommended to stay away from warez and crack sites as these venues are easily exploited to serve malware to unsuspecting users.

Bitdefender Total Security offers multiple layers of protection to keep you from getting infected with ransomware in the first place. Remember, prevention is better than cure.

Stay safe!