Relentless ransomware disguised as Windows Updates takes aim at students

It goes without saying that you shouldn’t download Windows updates from any source except Microsoft. But since it apparently doesn’t, let us reiterate: DON’T DOWNLOAD WINDOWS UPDATES FROM ANY SOURCE EXCEPT MICROSOFT. Recently Windows 10 updates from sketchy sources have been caught spreading the Magniber ransomware, causing unsuspecting users to be hit with Bitcoin ransom demands.

The security specialists at BleepingComputer spotted the problem, with forum users reporting the infection after installing self-declared W10 updates from illegal “warez” repositories. These sites offer pirated and cracked versions of paid software, and they’re infamous for being filled with easy targets for those who want to spread malware. The Magniber program hidden in these bogus updates encrypts targeted portions of the user’s storage drive, then demands an anonymous transfer of Bitcoin equal to about $2,600 USD in order to get your files back. The price goes up if you wait more than a few days, and there’s no known workaround to free your files without opening your wallet.

According to BleepingComputer, the malware upload campaign is targeting regular consumers and students, making it particularly nasty in terms of fallout. Once again, make sure both your software and your updates are coming from the right place, and a decent data backup couldn’t hurt. To look for Windows Updates from within Windows 10 itself, open the Start menu, select the cog/gear icon to open the Settings app, and then head to Update & Security > Windows Update > Check for updates.