Matrix Ransomware Being Distributed by the RIG Exploit Kit

LASER_oneXM


Malwarebytes security researcher Jérôme Segura discovered that Matrix Ransomware is now being distributed through the RIG exploit kit on sites that are displaying malvertisements.

The Matrix Ransomware was first released at the end of 2016 and we covered it back in April 2017. Since then the ransomware had slowly fizzled out until yesterday's report. Therefore, it was a surprise to find out that this ransomware was being distributed again, let alone in exploit kit campaigns.

According to Segura, the Matrix Ransomware is being installed through exploit kits on sites displaying malvertising, which target vulnerabilities in Internet Explorer (CVE-2016-0189) and Flash (CVE-2015-8651). Both of these vulnerabilities rely on visitors using unpatched and outdated versions of Internet Explorer and Flash Player.

To become infected, a visitor simply needs to visit a site that contains malvertisements using a vulnerable computer and they will become infected with the ransomware. This is why it is so important that everyone regularly install all available security updates for their installed programs and operating system.

How to protect yourself from the Matrix Ransomware

To protect yourself from this threat, you should first make sure all of your Windows security updates and program updates are installed. This will prevent the exploit kits from installing Matrix Ransomware on your computer.


It is also important to use good computing habits and security software. First and foremost, you should always have a reliable and tested backup of your data that can be restored in the case of an emergency, such as a ransomware attack.


You should also have security software that contains behavioral detections such as Malwarebytes or Emsisoft Anti-Malware. If you are using Windows 10 with the Fall Creators Update installed, you can also use its Controlled Folder Access feature to protect important documents from being encrypted.
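
Added example, not part of the original post or the quoted article: a PowerShell check of the Controlled Folder Access state mentioned above, using the built-in Defender cmdlets. The function name `Get-CfaStatus`, the `$EnableAudit` switch and the sample folder path are assumptions made for illustration; run it from an elevated session.

```powershell
# Added example: audit Controlled Folder Access (CFA) on Windows 10 1709 or later.
# Get-CfaStatus and $EnableAudit are hypothetical names chosen for this sketch.
param([switch]$EnableAudit)

function Get-CfaStatus {
    $pref   = Get-MpPreference
    $status = Get-MpComputerStatus

    # The preference is stored as a number: 0 = Disabled, 1 = Enabled (block), 2 = AuditMode
    $modeNames = @{ 0 = 'Disabled'; 1 = 'Enabled'; 2 = 'AuditMode' }
    $raw  = [int]$pref.EnableControlledFolderAccess
    $mode = if ($modeNames.ContainsKey($raw)) { $modeNames[$raw] } else { "Other ($raw)" }

    [pscustomobject]@{
        Mode                  = $mode
        RealTimeProtection    = $status.RealTimeProtectionEnabled
        # Folders added on top of the default protected set (Documents, Pictures, ...)
        ExtraProtectedFolders = @($pref.ControlledFolderAccessProtectedFolders)
        # Applications explicitly allowed to write to protected folders
        AllowedApplications   = @($pref.ControlledFolderAccessAllowedApplications)
    }
}

$cfa = Get-CfaStatus
$cfa | Format-List

if (-not $cfa.RealTimeProtection) {
    # CFA depends on Defender real-time protection being active
    Write-Warning 'Defender real-time protection is off; CFA will not protect folders.'
}

if ($cfa.Mode -eq 'Disabled') {
    if ($EnableAudit) {
        # AuditMode only logs what would have been blocked, so legitimate
        # applications can be allow-listed before switching to Enabled.
        Set-MpPreference -EnableControlledFolderAccess AuditMode
        Write-Output 'CFA set to AuditMode.'
    } else {
        Write-Warning 'CFA is disabled. Re-run with -EnableAudit to start in audit mode.'
    }
}

# Constructed sample path: add a non-default folder to the protected set.
# Add-MpPreference -ControlledFolderAccessProtectedFolders 'D:\Projects'
```

Once the audit log shows no legitimate applications being flagged, `Set-MpPreference -EnableControlledFolderAccess Enabled` switches the feature to blocking.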