Matrix Reloaded: Remote Desktop Services Are Ransomware’s Newest Target

Two old foes are back with new and improved ways to wreak havoc on your data! MalwareHunter Team recently uncovered two upgraded Matrix Ransomware variants that attack remote desktop services.

These sinister viruses work by running thousands of algorithms to obtain your passwords, then hacking into your remote desktop. BleepingComputer reports, “both variants are being installed over hacked RDP, encrypt unmapped network shares, display status windows while encrypting, clear shadow volume copies, and encrypt the filenames.” Just like the name implies, malicious ransomware will encrypt your data and demand payment in order to restore vital system files.

Knowledge is the greatest tool when it comes to cracking the Matrix code and fortifying your information. Learn the differences, risks, and ways to protect against these two Matrix variants.

Suspect Number One: [[email protected]]

This is the first of the two detected variants and the less advanced. Think of 4463 as the mini boss. This variant opens several pop-up windows on your desktop while installing malicious ransomware and even changes your desktop background to reflect the ultimate goal of the hackers: a ransom note for your hostage data.

Encrypted data will display in a separate folder with a suspicious “Read Me” note which will then direct the hacking victim to send payment to a specific email. This can leave your business feeling like the target of a digital heist with no way to recover corrupted data.

Suspect Number Two: [[email protected]]

This ugly variant is the big boss we’ve been waiting to introduce. Number Two operates in similar fashion to Number One, only with far more advanced debugging messages and cipher commands. This virus overwrites the free space on your computer and attacks the C drive to prevent users from activating data backups.

The end result? Another ransom note for your files.

Cracking the Code

If all of this information has you regretting taking the red pill, don’t worry! There are many ways to protect yourself — and your business — from Matrix Ransomware attacks.

Secure Your Remote Desktop Services

As discussed, these variants operate by hacking into remote desktop servers. It’s critical to ensure that no computers running remote desktop services directly connect to the internet. Utilize a VPN for remote systems at all times to avoid your data becoming a casualty of online thieves.

Back Up Your Data

If there’s one cardinal rule we can’t stress enough, it’s the necessity of having multiple backups. External hard drives, automatic internal backup procedures, and Managed Cloud Environments are great tools for securing your information.

Beware Suspicious Attachments

Never open suspicious attachments and always verify the sender. Put this practice into place company-wide and educate employees on detecting fraudsters.

Password Protected Remote Desktop Services

Get in the habit of creating strong passwords. Use sentences which include capitals, lowercase, numbers, and symbols. Never reuse a password, and update passwords routinely.
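
Password guessing against remote desktop services leaves a trail in the Windows Security log: a burst of failed logons from one address, sometimes followed by a success. The sketch below is an added example, not part of the original article; the log lines, the CSV layout, and the threshold and window values are constructed assumptions, while event IDs 4625/4624 and logon types 3 and 10 are the standard Windows values.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample (not real logs): time, event ID, logon type, source IP, account.
# 4625 = failed logon, 4624 = successful logon. Logon type 10 is RemoteInteractive
# (RDP); failed RDP attempts are commonly logged as type 3 (Network) when Network
# Level Authentication is on. Type 3 also covers other network logons, so triage hits.
SAMPLE_EVENTS = """\
2024-01-10T02:00:01,4625,3,203.0.113.50,administrator
2024-01-10T02:00:04,4625,3,203.0.113.50,administrator
2024-01-10T02:00:09,4625,3,203.0.113.50,admin
2024-01-10T02:00:15,4625,3,203.0.113.50,backup
2024-01-10T02:00:21,4625,3,203.0.113.50,backup
2024-01-10T02:00:30,4625,3,203.0.113.50,backup
2024-01-10T02:01:05,4624,10,203.0.113.50,backup
2024-01-10T08:58:10,4625,10,198.51.100.7,jsmith
2024-01-10T08:58:40,4625,10,198.51.100.7,jsmith
2024-01-10T08:59:02,4624,10,198.51.100.7,jsmith
2024-01-10T09:15:00,4625,2,-,jsmith
"""
RDP_LOGON_TYPES = {"3", "10"}

def parse_events(text):
    """Yield (time, event_id, logon_type, ip, user) from the CSV-style sample."""
    for line in text.strip().splitlines():
        ts, event_id, logon_type, ip, user = line.split(",")
        yield datetime.fromisoformat(ts), event_id, logon_type, ip, user

def find_rdp_guessing(text, threshold=5, window=timedelta(minutes=10)):
    """Flag source IPs with >= threshold failed remote logons inside `window`,
    and list accounts that logged on successfully from a flagged IP afterwards."""
    failures = defaultdict(list)   # ip -> failure times still inside the window
    findings = {}
    for ts, event_id, logon_type, ip, user in sorted(parse_events(text)):
        if logon_type not in RDP_LOGON_TYPES:
            continue               # ignore console and other local logon types
        if event_id == "4625":
            failures[ip] = [t for t in failures[ip] if ts - t <= window] + [ts]
            if len(failures[ip]) >= threshold:
                hit = findings.setdefault(ip, {"failures": 0, "logons_after": []})
                hit["failures"] = max(hit["failures"], len(failures[ip]))
        elif event_id == "4624" and ip in findings:
            if user not in findings[ip]["logons_after"]:
                findings[ip]["logons_after"].append(user)   # guess likely succeeded
    return findings

if __name__ == "__main__":
    for ip, hit in find_rdp_guessing(SAMPLE_EVENTS).items():
        print(ip, hit)
```

A non-empty `logons_after` list is the case to escalate first: it means an account logged on from an address that had just been guessing passwords.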

Shield Your Business

Always utilize a strong firewall, malware scanning tools, and continually update virus detection software to catch new variants before they have the chance to catch you off guard.

Not sure where to begin? Contact our IT experts today for a complimentary risk assessment.
