bleepingcomputer[.]com/news/security/surge-in-magniber-ransomware-attacks-impact-home-users-worldwide/
A massive Magniber ransomware campaign is underway, encrypting home users' devices worldwide and demanding thousand-dollar ransoms to receive a decryptor.
Unlike the larger ransomware operations, Magniber has primarily targeted individual users who download malicious software and execute it on their home or small business systems.
While it unclear how victims are being infected, BleepingComputer has been told by a few victims that their device was encrypted after running software cracks or key generators, which is a method the threat actors used in the past.Once launched, the ransomware encrypts files on the device and appends a random 5-9 character extension, like .oaxysw or .oymtk, to encrypted file names.
The ransomware will also create a ransom note named READ_ME.htm, which contains information about what happened to a person's files and a unique URL to the threat actor's Tor ransom site.