The Matrix Ransomware has risen again!

Haythem Elmir

Security researcher (Jérôme Segura) from Malwarebytes has found that Matrix Ransomware has risen again and it is now being distributed through the RIG exploit kit.

The Matrix Ransomware was first spotted in 2016 by Palo Alto Networks researchers, since then the malware had slowly faded until these days.

The Matrix Ransomware exploit vulnerabilities in Internet Explorer (CVE-2016-0189) and flash (CVE-2015-8651). For the user to become infected, the user only requires to visit a website that includes malvertisements using a vulnerable machine and they will become infected with the ransomware.

When a machine is infected with the latest version of the Matrix Ransomware, the malware will encrypt all the files on the user’s computer, change the file names, and add the extension to the file name.

Then the ransomware will leave ransom notes named “#_#WhatWrongWithMyFiles#_#.rtf” in with the encrypted files. In the end, it will present a ransom screen that provides data on what has occurred to the files.

Users are recommended to install all available security updates for their installed programs and operating system to become secure.

To read the original articel:

Laisser un commentaire

Next Post

DoubleLocker Ransomware Locks Android devices

A ransomware dubbed as DoubleLocker has infected Android devices by changing the security PIN of the device and encrypting all the data stored. Researchers from cybersecurity firm ESET have discovered the Double Locker ransomware, that is a two-step ransomware which adopts a dual-locking approach. According to researchers, the ransomware is […]