
AB89 Ransomware

Posted: August 12, 2020

The AB89 Ransomware is a file-locking Trojan that's a variant of the AES-Matrix Ransomware. This family of Trojans uses secure encryption for locking files, may replace their names, alter the wallpaper and create a ransom note. A backup on another device can aid with the recovery of digital media, and traditional anti-malware programs should remove the AB89 Ransomware.

A Trojan Family Finds Its Next Customers

The AES-Matrix Ransomware family is quieter than many of its fast-proliferating competitors in the file-locking Trojan industry. Because the family sees few new versions, the AB89 Ransomware comes as a minor surprise in the middle of 2020. Its payload, naming patterns, and other attributes show that this family isn't moving on from old features and conventions.

Versions of this Trojans-for-hire family that have peppered the past two years with attacks include not just the AB89 Ransomware but also, for example, the AG88G Ransomware, the BDDY Ransomware, the Kromber Ransomware, and the Matrix-MDEN Ransomware. The Trojans target most Windows systems, and the AB89 Ransomware is likely to infect mid-sized, vulnerable businesses through RDP features. Once it's in, the AB89 Ransomware starts encrypting media files with a secure AES encryption routine.

The AB89 Ransomware can also overwrite files' names with a random string of characters, to which it adds an e-mail address and its extension (shown in its name). Further Registry changes let it hijack the desktop's background or wallpaper and replace it with a warning message. However, the Trojan also includes another communication method: an RTF document ransom note.
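A defender can turn the renaming pattern described above into a file-share triage check. The following Python is an added example, not code from the original article or from any vendor: it flags directories where several file names carry the AB89 extension, an e-mail address and a random-looking token. The bracketed layout of the address, the token length, the threshold and all sample paths are assumptions constructed for illustration.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Extension as the article gives it (the Trojan's name); matched case-insensitively.
EXTENSION = ".ab89"
# Any address-like token counts: the article does not list a specific address.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
# Assumption: the "random string" contains a run of 6+ letters or digits.
RANDOM_RE = re.compile(r"[A-Za-z0-9]{6,}")

def looks_renamed(name):
    """True when a name has the extension, an e-mail address and a random token."""
    if not name.lower().endswith(EXTENSION):
        return False
    stem = name[: -len(EXTENSION)]
    email = EMAIL_RE.search(stem)
    if email is None:
        return False
    # Cut the address out, then look for the random token in what remains.
    # Assumption: the address is delimited (e.g. by brackets) from the token.
    rest = stem[: email.start()] + " " + stem[email.end():]
    return RANDOM_RE.search(rest) is not None

def flag_directories(paths, threshold=3):
    """Return {directory: count} for directories with >= threshold matching names."""
    counts = Counter(
        str(PureWindowsPath(p).parent)
        for p in paths
        if looks_renamed(PureWindowsPath(p).name)
    )
    return {d: n for d, n in counts.items() if n >= threshold}

# Constructed sample listing; none of these names come from a real incident.
SAMPLE_PATHS = [
    r"C:\Share\Finance\[help@example.com].Ab3dE9xQ-Zk81LmP0.AB89",
    r"C:\Share\Finance\[help@example.com].Qw7RtY2u-Mn45BvC1.AB89",
    r"C:\Share\Finance\[help@example.com].Lp09OkJi-Hg76FdS3.ab89",
    r"C:\Share\Finance\budget-2020.xlsx",
    r"C:\Share\HR\notes.AB89",  # extension only: not enough to match
    r"C:\Share\HR\[help@example.com].Zx12CvB3-Nm45QwE6.AB89",
]

if __name__ == "__main__":
    for directory, count in flag_directories(SAMPLE_PATHS).items():
        print(f"{directory}: {count} renamed files")
```

Requiring all three traits and a per-directory count keeps a single stray file with the same extension from raising an alert.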

Orchestrating a Jailbreak from the Matrix

The AB89 Ransomware's family isn't prone to security oversights that would lead to its victims recovering their files quickly or cheaply. At the same time, malware experts can't endorse extortion-based decryption services, which may provide other infection opportunities or security issues. Windows users should save their work onto other devices regularly for backup recovery that doesn't cost a ransom.

Server administrators, especially, should be diligent about the security surrounding their passwords, Remote Desktop features, and admin account privileges. Entities at risk from the AB89 Ransomware may experience assaults through e-mail attachments faking invoices or other workplace content, sophisticated 'watering hole' attacks targeting niche website traffic, or direct brute-forcing. Home users aren't invincible, either. All PC users, regardless of circumstances, should have reliable, often-updated backups and essential protection like security patches and anti-malware tools.

Professional anti-malware services will flag current samples of this Trojan and can remove the AB89 Ransomware safely. Victims should remember that disinfection doesn't reverse all the symptoms, including, importantly, the encryption blockage of files.

AES-Matrix Ransomware offspring like the AB89 Ransomware are a dime a dozen, but hardly as cheap to those whose media they maim. A backup is, for everyone, not just peace of mind but an impenetrable shield against file-locking Trojans and Ransomware-as-a-Service operations.
