The latest addition to the growing threat of ransomware is the Matrix Ransomware. Though the ransomware has been active for quite some time now but it has recently seen a surge in attacks. Like all other ransomware, Matrix Ransomware holds computer data encrypted for ransom. The encryption is usually strong and no formal way is available to decrypt the files. The only way out is paying the ransom.
What is Matrix Ransomware?
Similar to other families of ransomware, Matrix Ransomware is distributed via spam mails attached with malicious attachments, mostly word and excel files. The files contain built-in Macros which after being enabled download and run the ransomware code. After the Matrix ransomware has been downloaded, ‘.matrix’ extension will be added to the encrypted files, for example: ‘sample.jpg’ will change to ‘sample.jpg.matrix’ The installation is followed by a reboot. Only few files are encrypted leaving the remaining files active so that the user is paralyzed. The Matrix ransomware places a matrix-readme.rtf or readme-matrix.rtf in every folder that contains the encrypted file. This readme file consists of instruction on how to decrypt your files through paying a ransom. The ransom amount is in Bitcoins amounting to $500-$1500. The language of instruction is Russian and English which means the target area of the ransomware.
An interesting feature of Matrix ransomware is the way it spreads via large campaigns and an exploit kit. Matrix ransomware has worm like features that allows it to spread outside of the originally infected PC via Windows shortcuts and also upload stats about the types of files that are encrypted.
Logix Infosecurity has latest software to keep ransomware of different families from harming servers and networks. Once infected with the encryption there is no other way to get back the files other than a backup or paying the ransom. Paying the ransom is hardly a solution to the problem at hand. Even in case of backup being used, there has to be caution because the threads of malicious code can remain inside the system and spread again. Working with the latest tools is the best solution. Cyber security solutions from Logix are top notch and can defend a targeted attack. DLP tools used by Logix are latest and are updated on a regular basis to keep up with the modus operandi of the cyber criminals.