all InfoSec news
Redistribution of Magniber Ransomware in Korea (January 28th)
Malware Analysis, News and Indicators - Latest topics malware.news
On the morning of January 28th, the ASEC analysis team discovered the redistribution of Magniber disguised as normal Windows Installers (MSI). The distributed Magniber files have MSI as their extensions, disguising themselves as Windows update files. According to AhnLab’s log system as seen in Figure 1, it can be noted that the distribution increased starting from January 27th.
- MS.Update.Center.Security.KB17347418.msi
- MS.Update.Center.Security.KB2562020.msi
- MS.Update.Center.Security.KB44945726.msi
Figure 1. Increase in Magniber distribution confirmed by AhnLab’s log system
The site that is currently distributing Magniber is …
ahnlab analysis asec center distributed distribution extensions files january korea log magniber malware analysis msi ransomware security system team update windows windows update