Windows 10 exploited to deliver ransomware to households

Threat actors are after individual consumers, disguising ransomware as fake antivirus or Windows software updates and demanding $2,500 in bitcoin to restore access.

So-called big game hunting ransomware attacks typically target high-value organizations, with threat actors hoping to harvest millions of dollars in a single attack.

Worryingly, the HP Wolf Security Threat Research Team recently noticed ransomware gangs pursuing smaller targets as well.

In September, researchers uncovered an attack vector where an individual user is prompted to install an "important" antivirus or Windows 10 software update.

The user is asked to download a ZIP file containing a JavaScript file that delivers Magniber, a single-client ransomware family known to demand $2,500 in bitcoin in exchange for restored access to the encrypted files.

"It uses local privilege escalation to allow hackers to take full control of systems without the user's authority, ultimately encrypting files and redirecting users to a webpage demanding the ransom," the HP Wolf Security blog reads.

The attackers used clever techniques to avoid detection, such as running malicious code in memory rather than dropping the payload on disk, and bypassing antivirus software.

"Users can reduce risk by making sure updates are only installed from trusted sources, checking URLs to ensure official vendor websites are used, and backing up data regularly to minimize the impact of a potential data breach," Patrick Schläpfer, malware analyst at HP Wolf Security, said.
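For defenders, the delivery step described above (a downloaded ZIP whose contents include a JavaScript file posing as an update) can be checked before anything is opened. The Python sketch below is an added example, not code from HP Wolf Security or Cybernews; the extension list, lure keywords, and sample file names are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Script types Windows runs on double-click (assumed policy list, extend as needed).
SCRIPT_EXTENSIONS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".wsh", ".hta"}
# Keywords based on the lure themes the article names (antivirus, Windows update).
LURE_KEYWORDS = ("update", "antivirus", "windows")


def triage_zip(data, archive_name=""):
    """Return one finding per script member in the ZIP held in `data` (bytes)."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            # Judge the member by its real final suffix: Explorer hides known
            # extensions, and trailing dots or spaces are ignored by Windows.
            name = info.filename.replace("\\", "/").rstrip(". ")
            suffix = PurePosixPath(name).suffix.lower()
            if suffix not in SCRIPT_EXTENSIONS:
                continue
            haystack = (archive_name + " " + name).lower()
            findings.append({
                "member": info.filename,
                "extension": suffix,
                "lure_themed": any(k in haystack for k in LURE_KEYWORDS),
                "size": info.file_size,
            })
    return findings


def build_sample_zip(members):
    """Build a harmless, constructed ZIP in memory from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name, body in members.items():
            archive.writestr(name, body)
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_zip({
        "Windows10_Update_constructed.js": b"// constructed placeholder\n",
        "readme.txt": b"constructed sample\n",
    })
    for finding in triage_zip(sample, "constructed_download.zip"):
        print(finding)
```

Any finding is a reason to quarantine the archive: legitimate Windows and antivirus updates are not distributed as script files inside ZIP downloads.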
