Police Warns of a Fake Windows Update That Locks Up Victims’ Data

Look out Window users, because another scam is in town.

On Saturday (14 May), the police and Cyber Security Agency of Singapore (CSA) released a joint statement about a ransomware variant that poses itself as a Windows operating system update.

Fake Windows Operating System Update Called Magniber 

According to the police and CSA, the ransomware variant is called Magniber.

What this ransomware variant does is essentially allow attackers to have access to their victims’ personal data, such as details of bank accounts or credit cards and social media accounts, which in turn allows attackers to steal money or impersonate victims.

After getting access to the victims’ data and encrypting it, these attackers will then demand payment in the form of cryptocurrency such as Bitcoin from victims if they want to regain access to their data and have it decrypted.

In more serious cases, attackers were able to gain remote control over the victim’s devices.

Join our Telegram channel for more entertaining and informative articles at https://t.me/goodyfeedsg or download the Goody Feed app here: https://goodyfeed.com/app/

How Does Magniber Spread

The authorities first realised that the ransomware variant began spreading from Internet Explorer since late 2021 through other internet browsers like Microsoft Edge and Chrome.

Reports have suggested that Magniber may be distributed through websites that offer pirated or cracked software.

(Another reason why we shouldn’t visit dodgy sites for free stuff.)

Downloading the malware through a fake Windows OS update link, a pop-up ad, or an email file from an unknown sender leads to the ransom note being displayed:

Image: Cyber Security Agency of Singapore

Ways to Protect Yourself from Magniber

Firstly, you’re already one step ahead now that you know what Magniber is.

The police and CSA also advise that members of the public should always make sure their mobile devices and other electronic items such as laptops and computers are updated regularly with the latest OS versions from official and verified sources.

(So don’t ignore the pop-up when your laptop prompts you to do your software update.)

You should also avoid clicking pop-up advertisements or open files from unknown senders.

In the worst-case scenario where you do find yourself already affected by Magniber, be brave and do not cave in to the ransom demands made by the attacker.

This is because there’s no absolute guarantee that your data would be released as promised and would encourage these criminals to continue with their criminal activity.

And don’t feel paiseh if you do find yourself in this situation and make sure to lodge a police report immediately.

Victims can also visit nomoreransom.org to see if there are readily available decryptors as a possible solution to get their data released.

Read Also:

Featured Image: Cyber Security Agency of Singapore