"Magniber Ransomware Now Infects Windows Users via JavaScript Files"

A recent malicious campaign, which uses fake security updates to deliver Magniber ransomware, has targeted Windows home users. In September, threat actors created websites that promoted fake antivirus and security updates for Windows 10. The malicious files (ZIP archives) that were downloaded contained JavaScript, which started a complex infection with the file-encrypting malware. According to a report from HP's threat intelligence team, Magniber ransomware operators demanded up to $2,500 in order for home users to receive a decryption tool and recover their files. The strain is specifically targeting Windows 10 and Windows 11 builds. Magniber was discovered in April 2022 being distributed as a Windows 10 update via a network of malicious websites. Its operators used Chrome and Edge browser updates in January to distribute malicious Windows application package files (.APPX). This article continues to discuss Magniber ransomware's infection chain and targets. 

Bleeping Computer reports "Magniber Ransomware Now Infects Windows Users via JavaScript Files"