Satoshi Nakamoto Blog

Research details new form of ransomware flying under the radar

A new report from SophosLabs released today details a new form of ransomware that has been flying under the radar until now.

Dubbed Matrix, the ransomware is unique in that it targets a single machine rather than spreading through an organization like other forms of ransomware. In addition, the attackers force the victim to message them directly to show proof of encryption before they disclose the ransom amount.

Matrix also differs in the way it is distributed. Whereas most prominent ransomware attacks involve widespread phishing campaigns, those behind Matrix in most cases gain access to a victim’s personal computer by performing an active brute-force attack against the passwords of Windows machines, reaching them through a firewall that has the Remote Desktop Protocol enabled.
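For defenders, the entry point described above leaves a recognizable trail in the Windows Security log: a burst of failed logons (event 4625) from one source address, sometimes followed by a successful RDP session (event 4624, logon type 10). The following check is an added example, not taken from the SophosLabs report; the CSV layout, the sample records, the threshold and the time window are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED, SUCCESS = 4625, 4624   # Windows Security log: failed / successful logon
# Failed RDP logons typically appear as type 3 (Network) when NLA is on, else
# type 10; an interactive RDP session that succeeds is type 10.
FAIL_TYPES, RDP_SESSION = {3, 10}, 10

# Constructed sample export: timestamp,event ID,logon type,source IP,account
SAMPLE = """\
2019-01-30T02:14:01,4625,3,203.0.113.7,administrator
2019-01-30T02:14:03,4625,3,203.0.113.7,admin
2019-01-30T02:14:05,4625,3,203.0.113.7,administrator
2019-01-30T02:14:08,4625,3,203.0.113.7,backup
2019-01-30T02:14:11,4625,3,203.0.113.7,administrator
2019-01-30T02:14:15,4624,10,203.0.113.7,administrator
2019-01-30T03:00:00,4625,3,192.0.2.44,administrator
2019-01-30T03:00:10,4625,3,192.0.2.44,administrator
2019-01-30T03:00:20,4625,3,192.0.2.44,root
2019-01-30T03:00:30,4625,3,192.0.2.44,admin
2019-01-30T03:00:40,4625,3,192.0.2.44,user
2019-01-30T03:00:50,4625,3,192.0.2.44,test
2019-01-30T08:59:40,4625,10,198.51.100.20,jsmith
2019-01-30T09:00:02,4624,10,198.51.100.20,jsmith
"""

def parse(text):
    """Turn the CSV-style export into time-ordered event tuples."""
    rows = (line.split(",") for line in text.strip().splitlines())
    return sorted((datetime.fromisoformat(ts), int(eid), int(lt), ip, user)
                  for ts, eid, lt, ip, user in rows)

def find_bruteforce(events, threshold=5, window=timedelta(minutes=10)):
    """Flag source IPs with >= threshold failed logons inside the window, and
    record the account if an RDP session then succeeds from the same IP."""
    recent = defaultdict(deque)          # source IP -> recent failure times
    findings = {}
    for ts, eid, ltype, ip, user in events:
        fails = recent[ip]
        while fails and ts - fails[0] > window:   # drop failures that aged out
            fails.popleft()
        if eid == FAILED and ltype in FAIL_TYPES:
            fails.append(ts)
        if len(fails) >= threshold:
            hit = findings.setdefault(ip, {"failures": 0, "breached": None})
            hit["failures"] = max(hit["failures"], len(fails))
            if eid == SUCCESS and ltype == RDP_SESSION and hit["breached"] is None:
                hit["breached"] = user
    return findings

if __name__ == "__main__":
    for ip, hit in find_bruteforce(parse(SAMPLE)).items():
        print(ip, hit)
```

A finding whose `breached` field is set is the case that matters most here: the guessing stopped because a password worked, so that host should be treated as compromised rather than merely probed.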

The researchers noted that though the attack is less sophisticated than others, Matrix also comes equipped with a “Swiss Army knife” of malware that helps it carry out its attack.

“While the malware has been under continuous development and improvement while we have been monitoring it, the authors or operators of this malware do not appear to behave as professionally as, by comparison, the SamSam gang,” the report explained. “They have made frequent mistakes along the way, some of which have been corrected, and other features implemented then abandoned. They do not always employ adequate operational security, which might be the cause of their eventual undoing.”

Attacks using Matrix have been detected globally, with 28 percent of detections coming from the U.S. Hinting at its country of origin, later versions of the ransomware prevent it being fully executed if the victim’s machine uses Russian and eastern European languages.

“While it is not in wide distribution, Matrix appears to herald a future in which small, bespoke ransomware gangs engage in moderate-return targeted attacks simply because the low-hanging fruit exists,” the researchers concluded.

Photo: Marcin Wichary/Wikimedia Commons
