
AG88G Ransomware

Posted: June 10, 2020

The AG88G Ransomware is a file-locking Trojan that comes from AES-Matrix Ransomware's family. Users should have backups for protecting themselves from its primary feature, the harmful encryption of media files. Anti-malware services can provide secondary means of defense through quarantining or removing the AG88G Ransomware as soon as they detect it.

Revisiting the Matrix of Data Kidnappers

The evolution of technology coincides with the growth and streamlining of criminal businesses that take advantage of these newfound avenues for money and misbehavior. One of the best-known ways criminals currently abuse software is harmful encryption, which is a feature of Trojan families as vast as the STOP Ransomware, the kit-brewed Crysis Ransomware, or the less-often-seen AES-Matrix Ransomware. An offshoot of the last of these is carrying the name (and extension) of the AG88G Ransomware into 2020's summer months.

First verifiable through samples in the second week of June, the AG88G Ransomware appears similar to other offspring from the AES-Matrix Ransomware's group, like the BDDY Ransomware, the Kromber Ransomware, the MDRL Ransomware or the NGSC Ransomware. The Windows-only program leverages a secured version of the most common form of encryption, AES, for blocking documents, pictures, spreadsheets, databases, music, and other media on any available drives. Inconveniently for the victims, it also includes a feature for overwriting filenames with Base64-encoded characters, including the extensions.
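A triage heuristic for the renaming behavior described above, as an added example that is not part of the original article or any vendor tool. The page does not give the exact filename layout, so the code assumes only that the final extension is `.AG88G` and that the stem contains a mixed-case run of at least eight Base64-alphabet characters; the function names and the file listing are constructed for illustration.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

MARKER_EXT = ".ag88g"  # extension named on the page, compared case-insensitively
# Assumption: a renamed stem contains a run of >= 8 Base64-alphabet characters.
# '/' cannot appear in a Windows filename, so it is left out of the class.
B64_RUN = re.compile(r"[A-Za-z0-9+=_-]{8,}")

def looks_renamed(path: str) -> bool:
    """True when the name ends in the marker extension and its stem looks Base64-encoded."""
    p = PureWindowsPath(path)
    if p.suffix.lower() != MARKER_EXT:
        return False
    for run in B64_RUN.findall(p.stem):
        # Mixed case separates encoded output from ordinary lowercase names.
        if any(c.isupper() for c in run) and any(c.islower() for c in run):
            return True
    return False

def scope_by_directory(paths):
    """Count suspected renamed files per parent directory to help size the incident."""
    hits = Counter()
    for path in paths:
        if looks_renamed(path):
            hits[str(PureWindowsPath(path).parent)] += 1
    return hits

# Constructed file listing (not taken from a real sample).
SAMPLE_LISTING = [
    r"C:\Users\alice\Documents\aGk3Qm9wUnQ-Zx81LmRvY3g.AG88G",
    r"C:\Users\alice\Documents\Tm90ZXMyMDIw.ag88g",
    r"C:\Users\alice\Documents\budget_2020.xlsx",
    r"C:\Users\alice\Pictures\c2NhbjAwMS5qcGc.AG88G",
    r"C:\Users\alice\Pictures\holiday.ag88g",  # marker extension, ordinary stem
    r"D:\Share\readme.txt",
]

if __name__ == "__main__":
    for directory, count in scope_by_directory(SAMPLE_LISTING).most_common():
        print(f"{count:4d}  {directory}")
```

Feeding it a recursive file listing from an affected host shows which directories were reached, which helps decide what to restore from backup.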

Users can gamble on buying the threat actor's decryption and file-unlocking solution to this attack, as offered through the local Web page that the AG88G Ransomware creates and the contact information that it also embeds into filenames. Malware analysts usually recommend against this course of action unless all other backup options are definitively unavailable. The AES-Matrix Ransomware family doesn't have a free decryption solution for current releases, and PC users should always have non-Restore Point-derived reserves for dependable recoveries.

Disrupting a Business Cycle Based on Taking Data for Granted

The AG88G Ransomware's success at selling its ransom-based service hinges on victims who aren't backing their files up to other devices, whether they're cloud servers or detachable USB sticks. Administrators can further protect themselves and their data by making appropriate password choices that eliminate dictionary attack risks and installing patches that remove the vulnerabilities threat actors use in their drive-by-download exploits. Businesses, in particular, should instruct workers on recognizing e-mail phishing lures, which can include specific information for tricking victims into clicking and enabling unsafe content like macros.

All PC users should avoid illicit download sources that are rich fodder for circulating Trojans, albeit mostly from other families, like the STOP Ransomware. Key generators, premium software cracks, and 'free' versions of purchasable-only programs are common carriers of file-locking Trojans, either through fake filenames or bundles. Enabling Flash, Java, or JavaScript in one's browser also is a regrettably natural means of leaving oneself at risk for attacks from the campaigns of the AG88G Ransomware and other threats.

An up-to-date anti-malware program should have a well-developed definition for dealing with the AES-Matrix Ransomware members.

The AG88G Ransomware preys on the weakness and poor maintenance habits of Windows users for getting its paydays. Like every other file-locking Trojan family, its intentions are thwartable with ease, as long as everyone backs their work up without putting it off until it's too late.
