Distribution of Magniber Ransomware Stops (Since August 25th)

2023-10-11, Ahnlab
https://asec.ahnlab.com/en/57592/
#Ransomware #Magniber

Through continuous monitoring, AhnLab Security Emergency response Center (ASEC) is swiftly responding to Magniber, the main malware actively distributed through typosquatting, a method that abuses typos in domain addresses. After blocking rules for the injection technique used by Magniber were distributed, ASEC published a post with the relevant information on August 10th.
Subsequently, the number of cases diminished as the creator of Magniber conducted various detection bypass tests, and as of August 25th, the distribution of the Magniber ransomware has halted.
Since its initial appearance in 2016, Magniber has never paused distribution for such a long period (it usually resumed distribution within 2 weeks to a month, using a new technique to bypass detection). The count graph for the detection rules is displayed below. Since August 25th, no further detections have been reported, and the distribution was found to be halted.
Magniber is …