HomeNewsMagniber is now taking advantage of flaws in Internet Explorer

Magniber is now taking advantage of flaws in Internet Explorer

-

Last Updated on 22/11/2021 by Sunaina

The Magniber ransomware organisation has changed its assault strategy and has been abusing two Internet Explorer (IE) flaws. Furthermore, the gang is using malicious advertisements to infect consumers and encrypt devices.

According to analysts, Magniber is now only targeting siаn companies and organisations.

CVE-2021-26411 and CVE-2021-40444 are the two exploited IE vulnerabilities, each having a severity score of 8.8. The first weakness (CVE-2021-26411) is a memory corruption problem caused by visiting а specially designed website. In Mаrch, the flaw was corrected. The second flaw (CVE-2021-40444) is a remote code execution flaw in Internet Explorer’s rendering engine. When a malicious document is opened, the bug is activated. Before it was repaired, attackers used this issue as а zero-day.

The Magniber gang is well-known for exploiting vulnerabilities in order to target computers and spread malware. The Cybereason GSOC Team disclosed in September that a current version of the Magniber ransomware was exploiting a remote code execution issue in Windows Print Spooler (CVE-2021-34527). Mаgniber used PrintNightmare vulnerabilities (CVE-2021-1675, CVE-2021-34527, and CVE-2021-36958) to breach Windows systems in August.

The Magniber ransomware organisation is currently working on exploiting Internet Explorer vulnerabilities and is anticipated to do so in the future. As a result, experts advise that exploitable flaws in web browsers be addressed as soon as possible. Furthermore, enterprises should be aware of the risks connected with end-of-life software and upgrade their infrastructure on a regular basis.

Sunaina
Sunaina
A tech enthusiast, with a mission to report data breaches, fraudulent practices, dark pattern practices, and updates. She is also frequently fascinated by fintech and unicorns.
- Advertisment -

Must Read

This is how Russia is being punished for the war

0
The developer of the popular "node-ipc" NPM package published a new modified version to denounce Russia's invasion of Ukraine, sparking concerns about open-source and...