Since security experts frequently emphasize the necessity of keeping software up to date, fraudsters have started sending bogus browser upgrades to Microsoft Edge users.
For years, fraudsters have relied on fake software updates to trick consumers into downloading malware. The tactic works because a convincingly branded message with the right balance of implied menace and urgency can easily fool unsuspecting people.
Although Flash updates were once a common feature of web-based malware operations, Adobe discontinued the popular program more than a year ago, prompting hackers to shift their focus to browsers. One reason for this is that browsers like Google Chrome and Microsoft Edge are updated so regularly that many people wait until updates are available to install them.
According to a new blog post, Malwarebytes’ threat intelligence team recently collaborated with nao_sec researchers to analyze a newly found upgrade to the Magnitude exploit kit that was deceiving users into downloading a phony Microsoft Edge browser update.
The ransomware Magniber
To target users and install ransomware on their computers, the Magnitude exploit kit employs a variety of social engineering lures and vulnerabilities. Although it has previously been used to infect victims all over the globe with several ransomware strains, it is now predominantly used to infect targets in South Korea with the Magniber ransomware.
The chain begins when a visitor lands on an ad-heavy website and encounters a malicious ad that redirects them to a “gate” known as Magnigate, which Malwarebytes is investigating. The gate checks the user's IP address and browser to decide whether they should be attacked. Visitors who meet the criteria are subsequently sent to the Magnitude exploit kit landing page.
They are then directed to download a Microsoft Edge update, which is really a malicious Windows Application package (.appx) file. The Magniber ransomware is then downloaded, which encrypts their data and demands a payment.
To avoid being a victim of this and other ransomware attacks, users should invest in ransomware protection and be aware that Edge updates itself when you restart it.
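As a defensive illustration of the fake update described above, the following added example (not from the Malwarebytes post or the original article) triages a downloaded .appx file by reading its manifest and flagging packages that present themselves as a browser update without a trusted publisher. The trusted publisher string, the keyword list, the function names and the sample package are assumptions constructed for the example.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Namespace of the Windows 10 package manifest schema (AppxManifest.xml).
NS = {"m": "http://schemas.microsoft.com/appx/manifest/foundation/windows10"}
# Assumption: publisher subject treated as genuine; replace with your own allow-list.
TRUSTED_PUBLISHERS = {
    "CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US",
}
# Assumption: display-name keywords that suggest a browser-update lure.
BRAND_KEYWORDS = ("edge", "chrome", "browser update")


def triage_appx(data: bytes) -> dict:
    """Read AppxManifest.xml from an .appx (a ZIP archive) and flag a brand/publisher mismatch."""
    with zipfile.ZipFile(io.BytesIO(data)) as pkg:
        root = ET.fromstring(pkg.read("AppxManifest.xml"))
    identity = root.find("m:Identity", NS)
    display = root.findtext("m:Properties/m:DisplayName", default="", namespaces=NS)
    publisher = identity.get("Publisher", "") if identity is not None else ""
    claims_browser = any(k in display.lower() for k in BRAND_KEYWORDS)
    return {
        "name": identity.get("Name", "") if identity is not None else "",
        "publisher": publisher,
        "display_name": display,
        # Presents itself as a browser update but declares an untrusted publisher.
        "suspicious": claims_browser and publisher not in TRUSTED_PUBLISHERS,
    }


def build_sample_appx(display_name: str, publisher: str) -> bytes:
    """Constructed sample: a minimal in-memory .appx containing only a manifest."""
    manifest = (
        '<Package xmlns="http://schemas.microsoft.com/appx/manifest/foundation/windows10">'
        f'<Identity Name="Sample.Package" Publisher="{publisher}" Version="1.0.0.0"/>'
        f"<Properties><DisplayName>{display_name}</DisplayName></Properties>"
        "</Package>"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AppxManifest.xml", manifest)
    return buf.getvalue()


if __name__ == "__main__":
    fake = build_sample_appx("Microsoft Edge Update", "CN=Example Unknown Publisher")
    print(triage_appx(fake))
```

The manifest's Publisher field is only self-declared text until the package signature is verified, so treat a "not suspicious" result as inconclusive and parse untrusted samples in an isolated analysis environment.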