HavanaCrypt ransomware sails in as a fake Google update

2022-07-11 16:00

A new ransomware family is being delivered as a bogus Google Software Update, using Microsoft functionality as part of its attack.

Researchers with Trend Micro say they uncovered the latest threat, dubbed "HavanaCrypt", a ransomware package that presents itself as a Google Software Update though it is a.NET-compiled application.

HavanaCrypt is feeding into the growing onslaught of ransomware families and attacks.

Trend Micro in the first quarter detected and blocked more than 4.4 million ransomware threats coming through email, URLs and file layers, a 37 percent quarter-over-quarter increase, according to the cybersecurity vendor's Smart Protection Network, which collects and identifies threats.

This includes a fake Windows update distributing the Magniber ransomware - a threat that has been around since at least 2017 - and attacks that used fake Microsoft Edge and Google browser updates to push the Magnitude exploit.

This year, there have been reports of ransomware being distributed as fake Windows 10, Google Chrome, and Microsoft Exchange updates to fool potential victims into downloading malicious files."

News URL

https://go.theregister.com/feed/www.theregister.com/2022/07/11/havanacrypt-ransomware-google-update/

#google #ransomware

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Google		141	996	4895	2855	1622	10368