96 pc ransomware affected Indian firms engaged with law enforcement for help: Report
According to the cybersecurity firm Sophos, about 59 per cent of the organisations that did engage with law enforcement also reported finding the process easy.
In a new report, security software firm Sophos claims to have tracked 96 samples of Matrix ransomware in the wild
Matrix ransomware, which has been operating since 2016 and gives nightmares to the IT world, hit the database of the University of Madras last week. The attacker demanded a ransom of Rs 18 lakh to restore access to the data.
According to British security software and hardware firm Sophos, the attackers who are infecting computers with Matrix have been breaking in to enterprise networks and “infecting those computers over Remote Desktop Protocol (RDP), a built-in remote access tool for Windows computers”.
In a new report about Matrix ransomware released on Tuesday, Sophos claims to have tracked 96 samples of Matrix ransomware in the wild.
Advertisement
Unlike the previous targeted ransomware including BitPaymer, Dharma and SamSam, Sophos claims, Matrix only targets a single machine on the network, rather than spreading widely through an organization.
“In its latest paper, SophosLabs reverse engineered the evolving code and techniques employed by the attackers, as well as the methods and ransom notes used to attempt to extract money from victims,” the company has said in a statement, adding: “The Matrix criminals evolved their attack parameters over time, with new files and scripts added to deploy different tasks and payloads onto the network.”
According to Sophos, Matrix ransom notes are embedded in the attack code, but victims don’t know how much they should pay until they contact the attackers. “For most of Matrix’s existence, the authors used a cryptographically-protected anonymous instant messaging service, called bitmsg.me, but that service has now been discontinued and the authors have reverted to using normal email accounts,” says the security software company.
Matrix, it says, is like the Swiss Army Knife of the ransomware world, “with newer variants able to scan and find potential computer victims once inserted into the network”.
Matrix has been evolving since 2016 and its newer versions are appearing every now and then.
In the Sophos 2019 Threat Report, it was highlighted that targeted ransomware would be driving the hacker behaviour, and organisations needed to remain vigilant and work to ensure they were not an easy target.
Sophos recommends the following 4 security tips to counter Matrix ransomware:
Advertisement