Gandalf_The_Grey
Level 81
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 7,082
A massive Magniber ransomware campaign is underway, encrypting home users' devices worldwide and demanding thousand-dollar ransoms to receive a decryptor.
Magniber launched in 2017 as a successor to the Cerber ransomware operation when it was spotted being distributed by the Magnitude exploit kit.
Since then, the ransomware operation has seen bursts of activity over the years, with the threat actors utilizing various methods to distribute Magniber and encrypt devices. These tactics include using Windows zero-days, fake Windows and browser updates, and trojanized software cracks and key generators.
Unlike the larger ransomware operations, Magniber has primarily targeted individual users who download malicious software and execute it on their home or small business systems.
In 2018, AhnLab released a decryptor for the Magniber ransomware. However, it no longer works as the threat actors fixed the bug allowing free file decryption.
Since July 20, BleepingComputer has seen a surge in Magniber ransomware victims seeking help in our forums.
Ransomware identification site ID-Ransomware has also seen a surge, with almost 720 submissions to the site since July 20, 2024.
While it unclear how victims are being infected, BleepingComputer has been told by a few victims that their device was encrypted after running software cracks or key generators, which is a method the threat actors used in the past.
Surge in Magniber ransomware attacks impact home users worldwide
www.bleepingcomputer.com