
Magniber Ransomware Adopts JavaScript, Targeting Home Users with Fake Software Updates


In recent years, “Big Game Hunting” ransomware attacks against enterprises have dominated media headlines because of their high-profile victims and substantial ransom demands. Yet single-client ransomware – a type of ransomware that infects individual computers, rather than fleets of devices – can still cause significant damage to individuals and organizations. In this article, we share our analysis of a ransomware campaign isolated by HP Wolf Security in September 2022 that targeted home users by masquerading as software updates. The campaign spread Magniber, a single-client ransomware family known to demand $2,500 from victims. Notably, the attackers used clever techniques to evade detection, such as running the ransomware in memory, bypassing User Account Control (UAC) in Windows, and evading detection techniques that rely on user-mode hooks by using syscalls instead of standard Windows API libraries.

#Analysis #IoCs
