Keeping the browser updated is important to ensure that it works well and that there are no security problems. However, you must be careful when updating it, since it is common to find false updates. We are going to talk about this in this article, since there is a ransomware that sneaks through fake Chrome and Edge updates. The victim thinks they are installing the latest version, but it is actually a scam.
Magniber, the ransomware that arrives when updating
The methods hackers use to attack are very varied. But undoubtedly one of the most used is through a false file that we sneak in by e-mail or when making a download. This also includes fake updates, as is the case with Magniber ransomware posing as a new version of the Google Chrome and Edge browsers.
This issue has been detected by security researchers from ASEC. Attackers had previously distributed Magniber by exploiting vulnerabilities in the Internet Explorer browser. But now this has also been extended to Chrome and Edge, although this time it is posing as an update.
Carry the .appx extension and it contains a certificate that makes it look legitimate, but it is actually a fake file. Once the victim executes it, it automatically adds malicious EXE and DLL files with this name:
wjoiyyxzllm.exe, for the EXE file
wjoiyyxzllm.dll, for the DLL file
It is through these files that the problem begins. They execute a function called mbenooj. This is what Magniber ransomware implements and starts to encrypt files on that team. As usual with these types of threats, also leave a ransom note.
At the moment there is no way to decrypt the files for free. The victim would have to pay the ransom, although we already know that this is not a good idea and in many cases it does not mean that they will regain control of the system. Of course, this frogsomware does not steal files, as other varieties do. Ransomware has evolved over time.
Tips to avoid this attack
So what can we do to avoid being a victim of this type of attack? We have seen that it comes through a file that supposedly updates Chrome and Edge to the latest version. Therefore, the first advice is always to update the browser through official sources.
To do this, in Chrome we can go to the menu at the top right, click on Help and we will Google Chrome information. There it will show us what version we have installed and, if necessary, it will install any pending updates. This process should be automatic.
Another option is to go directly to the official website browser. There we can download the latest version available. We should not go to third-party sites, as it could be a scam and a threat may slip in, such as the Magniber ransomware that we have seen.
But beyond how to update the browser, it is equally important to consider two factors. The first of this is to use a good antivirus. This will help us detect threats and delete files that may be a danger. It is also essential to have the updated system, in addition to the browser, to prevent them from taking advantage of vulnerabilities.