The operators of the Magniber have upgraded their ransomware with new capabilities. The ransomware operation of the group has not changed much, but researchers explained that it can now target Windows 11 operating system.
This progress is a considerable upgrade for the Magniber operators as they can now exploit all systems on Windows, significantly increasing their campaign activities. Researchers have seen that the surge began on the 25th of May and has grown since then.
However, the propagation process of the Magniber group is still the same as its previous activities in April. Their attack still includes downloads from cracked software websites, fake adult websites, and forums.
Their attacks have also been the same since when a user accesses a distribution site controlled by Magniber, they will be prompted by the malware to download a third-party network disk. The ransomware group also uses RSA+AES for encrypting files which is very problematic for cybersecurity since it is in 2048 bits, which is hard to crack.
When the ransomware finishes the encryption process, the encrypted file will be coded by a random suffix. Each Magniber victim will be entitled to an independent payment page. Subsequently, the operators will ask the victim to pay a ransom of 0.09 Bitcoin.
The threat actors will give their victims five days to pay the ransom, and if the payment is not accomplished, it will be twice the original price. Lastly, if the ransom payment is not met on the given data, they will deactivate the actors’ payment link.
Magniber ransomware operators updating their payload to target Windows 11 implies continuing their quest to keep their malware effective.
Last April, the adversaries used Fake Windows 10 updates to distribute Magniber in a large-scale threat campaign. The attacks used by the threat actors back then were the same distribution methods for spreading the recently used malware.
Cybersecurity experts recommend that users distance themselves from unknown programs offered by unknown sources. Moreover, users should stay wary of trendy applications and use official stores when downloading apps.
