Beware of Fake Windows 10 Updates

May 24, 2022 | Other
Fake Windows 10 Updates

Not every Windows 10 update is created equal. In fact, some may have dark, mischievous intentions. 


According to reports, malicious ransomware — known as Magniber Ransomware — is being distributed through fake Windows 10 updates. Unwitting users are downloading what they believe to be a perfectly harmless operating system update only to find out they’re now infected with a virus. 


As a trusted partner offering low-cost help desk support and personal technology solutions, My Computer Works is here to walk clients through the ups, and sometimes downs, of ransomware — from avoiding it to getting rid of it. 


Here’s what we know. 


Magniber ransomware isn’t new. It’s been around since 2017, according to industry reports, infecting primarily South Korean users and Internet Explorer users before expanding its network to reach a broader audience. Most recently, it’s been using Windows 10 updates as a veil to entice users to download infected files. 


And the tricky part is, that the files look legitimate, using terms such as “security upgrade” and “system upgrade.” The actual file names, according to reports, have been known to take one of two naming conventions:


  • Win10.0_System_Upgrade_Software.msi
  • Security_Upgrade_Software_Win10.0.msi


Despite being around since 2017, the Magniber ransomware infections are making news right now due to a massive campaign that began in early April. Once the ransomware is installed, it encrypts files and users will see a README.html file.

That file, according to reports, will direct users to the Magniber Tor payment site and give instructions on how to pay the ransom to release the files. According to BleepingComputer, the payment site is called “My Decryptor” and allows users to unlock one file for free. 


The site also includes a link to “contact support,” and provides guidance on bitcoin payment. According to TechRadar, the ransom amount appears to be around $2,500. 


Even with all the tech-specific reporting out there, providing information on new attacks as they start to make waves, and even with increasingly better security applications, ransomware attacks are on the rise. And they’re on the rise through phishing campaigns or disguised in software updates for antivirus protection or Flash player updates. 


Panda Security reports that ransomware is one of the fastest-growing cyber threats in the current era. It was the third most-used cyberattack in 2021, as ransomware attacks increased by 62% that year alone. 


Statistics indicate more than 300 million ransomware attacks occurred in the first half of 2021, and forecasts called for that number to increase in 2022. Particularly alarming is a report that 80% of organizations were hit with a ransomware attack in 2021, indicating that essentially any organization is vulnerable to attack. 


If an organization falls victim to a ransomware attack, it’s important to identify it early, contain it, seek guidance from experts and report it to the proper authorities. Because doing nothing isn’t an option. 


Contact us to learn more about how our computer experts can offer you ongoing support for any issues you’re experiencing!

Back to Tips & Tricks >

Get Help With All Your Technology Needs

Home or office solutions—My Computer Works is here to help you get back to your life.

Subscribe Now