Havana Crypt is one of a rising number of ransomware programs and other viruses that have recently been disseminated via false updates for Google Chrome, Microsoft Exchange, and Windows 10. Security experts identified “Magniber” ransomware spreading in May under the pretence of Windows 10 upgrades. Malwarebytes researchers saw the Magnitude Exploitation Kit operators attempting to trick victims into downloading the malware by disguising it as a Microsoft Edge official update this year.
Before Adobe officially abandoned the technology due to security concerns, phoney Flash upgrades used to be a staple of Web-based malware campaigns, as Malwarebytes highlighted at the time. Since then, hackers have been trying to mislead people into downloading the malware by utilising phoney versions of other often updated software products, with browsers being among the most commonly targeted.
An analyst at Intel 471 who asked to remain anonymous claims that attackers frequently employ false software updates to disseminate all types of malwares, including Trojans, info thieves, and ransomware. According to the analyst, “a non-technical client might be duped by similar approaches, but SOC analysts and incident responders will probably not be duped.”
Security professionals have recognized the necessity for companies must have many layers of protection in place to ward off attacks like ransomware. In order to achieve this, it is necessary to have controls for endpoint- point detecting and responding, user and entity behaviour patterns capabilities, network dynamic allocation to reduce damage and limit lateral displacement, encryption, and a strong sense of identity and access control, including multi-factor authentication.
Since adversaries frequently target end – users, it is crucial for organizations to have effective procedures in place for warning users about the dangers of phishing and social engineering tricks that are intended to persuade them to install malware or click on links that lead to sites that steal user credentials.