As security experts often stress the importance of keeping your software up to date, cybercriminals have now started targeting Microsoft Edge users with fake browser updates.
Fake software updates have been a strategy implemented by cybercriminals for years to get users to download malware. That’s because with a trusted branded message that has the right mix of inherent danger and urgency, they can easily trick uninformed users.
While Flash updates have long been a part of Web-based malware campaigns, Adobe shut down the popular software more than a year ago, which is why cybercriminals are now targeting browsers instead. One reason for this is that browsers like Google Chrome and Microsoft Edge are updated so frequently that many users stop installing updates when they become available.
According to a new blog post from Malwarebytes, the cybersecurity firm’s threat intelligence team teamed up with nao_sec researchers to investigate a newly discovered update to the Magnitude Exploit Kit that tricked users into installing fake Microsoft Edge browser updates. Had been.
Magnitude Exploit Kit uses and exploits a wide range of social engineering to attack users and install ransomware on their systems. Although it has been used in the past to target users around the world with various ransomware strains, these days it is mainly used to install Magnibar ransomware on targets in South Korea.
The attack campaign investigated by Malwarebytes begins with a user visiting an ad-heavy website, where they encounter a malicious ad that redirects them to a “gate” known as Magnigate. This gate checks their IP address and browser to determine whether users should be attacked. If they fit the correct criteria, the user is then redirected to the Quantity Exploit Kit landing page.
From here, they are asked to download an update for Microsoft Edge which is actually a malicious Windows Application Package (.appx) file. This file then downloads Magnibar ransomware, encrypts their files and demands a ransom.
To prevent falling victim to this attack and others like it, users should invest in ransomware protection and be aware of the fact that Edge automatically updates itself when you restart it.
We have also highlighted best browser And best ransomware protection