Hackers are infecting computers with ransomware hidden inside fake updates for Windows 10. Once installed, the malware encrypts files on the victim's computer, and wipes any backups. It also creates ransom notes titled 'README.html' that give instructions on opening the Tor browser in order to pay the ransom, which tends to be around 0.068 bitcoins (roughly £2,000). The ransom apparently doubles every five days if not paid.The ransomware, called Magniber, spreads through fake updates with names that sound genuine, including Win10.0_System_Upgrade_Software. msi and Security_Upgrade_Software_ Win10.0.msi. Some of the updates even have fake KB (Knowledge Base) numbers that Microsoft uses to identify updates - for example, System.Upgrade. Win10.0-KB47287134.msi.It's thought the attack started on 8 April, and that the updates are being spread through so-called 'warez' sites, where hackers offer pirated versions of software.
展开▼