Magniber (Possible Cerber Replacement?) Targeting South Korea

Well it looks like Cerber may have had a makeover. According to this article at, there is a new strain of ransomware targeting South Korea called Magniber. This clever name is a mashup taken from the Magnitude exploit kit and Cerber. Two known extensions it’s using in the event of infection are .ihsdj & .kgpvwnr

Kudos to  security researcher Michael Gillespie for discovering this.

It appears that this strain may be decryptable, so don’t go shelling out those Bitcoins just yet if you get hit with this, follow this link to the Magniber Ransom Support & Help Topic on

Keep those backups in shape and don’t forget to train people not to click in the first place!

Erich Kron is the Security Awareness Advocate at KnowBe4, and has over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the US Army 2nd Regional Cyber Center-Western Hemisphere.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.