According to ransomware removal experts, Magniber Ransomware has gone global. It is now attacking users residing in other parts of Asia including Singapore, China, Malaysia, Macau and Brunei, while also being customized in their native language. Ransomware removal experts found this expansion in the beginning of July.
History of Magniber
Magniber Ransomware functioned like usual ransomware as it locked the files of users residing in South Korea with encryption algorithms. Moreover, it also acted accordingly to a computer’s linguistic settings. The attack was not limited to the geographic boundaries of South Korea; many South Korean citizens reported being attacked by the ransomware while visiting other countries. Netizens using South Korean IP address for proxy were also affected.
Evolution
Interestingly, this is not the first time this type of ransomware is thought to go international as ransomware removal experts were hasty to conclude its global expansion in the past. They had to later retract from their statements, due to a lack of sufficient evidence.
However, according to ransomware removal experts, all the evidence now points towards Magniber’s global expansion. This change was noticed by Malwarebytes as they saw Magniber code’s customization to countries other than South Korea. Moreover, the code seemed more polished and refined in quality than earlier while also containing more advanced cyber techniques.
Ransomware removal experts are still contemplating the logic behind these modifications. Additionally, they have found that the Magnitude exploit kit of Magniber attacks has also been modified. The Magnitude exploit kit is the sole source of Magniber. Before the discovery of Magniber Ransomware, this kit was employed to infect netizens with a notorious ransomware which is better known by the name of Cerber Ransomware within cybersecurity circles.
Magniber’s new modifications have aroused suspicions about its similarity to Cerber and it is feared to create the same havoc that Cerber had created once.
