Matrix-ITLOCK Ransomware

Posted: September 13, 2018

The Matrix-ITLOCK Ransomware is an updated version of the AES-Matrix Ransomware, a file-locker Trojan that can encrypt your files automatically. These attacks prevent documents, images, and other media from opening, and provide leverage to the threat actor, who demands ransoms for his unlocking assistance. Keeping backups and attending to your network's security standards are useful deterrents against infections from this family, and victims can uninstall the Matrix-ITLOCK Ransomware with any reliable anti-malware program.

More RaaS Trojans to Tell You that 'It's Locked!'

The series of new members for the AES-Matrix Ransomware family is remaining unabated in September, which the Matrix-ITLOCK Ransomware being a follow-up after the recent Matrix-NEWRAR Ransomware and the Matrix-FASTBOB Ransomware. With evidence of its distribution against unknown targets, the Matrix-ITLOCK Ransomware is probably infecting vulnerable business networks and may be using e-mail tactics or compromising logins directly. Once it gains a foothold on the PC, it can prevent media files from opening with limited recourse available to the user.

The Matrix-ITLOCK Ransomware uses AES encryption for the primary locking mechanism against the user's files and may block formats including GIF or JPG pictures, Word or Adobe PDF documents, archives such as ZIP and others. The Matrix-ITLOCK Ransomware also overwrites the names of this media, making them unidentifiable, beyond providing a bracket-enclosed e-mail address for the negotiations and an '.ITLOCK' extension. Malware researchers also find further ransoming details inside of an RTF document that the Matrix-ITLOCK Ransomware generates, although they recommend against paying any fee for potentially faulty or fake decryption services.

Additional symptoms also may be apparent, depending on how the threat actors are configuring the Matrix-ITLOCK Ransomware. Side effects also may include:

The Matrix-ITLOCK Ransomware may flood any free space on the drive with junk data for interfering with advanced recovery software.
The Matrix-ITLOCK Ransomware also may hijack the desktop and replace its wallpaper with another ransom note.
Like all but the simplest of file-locker Trojans, the Matrix-ITLOCK Ransomware also supports erasing the Windows restore points or VSS data.

Your Best Defense against a Lock that may Have No Key

The new versions of the AES-Matrix Ransomware contain effective, RSA-based protection against decryption attempts by third parties. Due to the limited file-recovering potential, malware experts recommend implementing prevention-based security standards that are effective against the Matrix-ITLOCK Ransomware's family. Using sophisticated and customized passwords, preventing easy access between multiple PCs that share a network, and avoiding potentially toxic contact with corrupted e-mail attachments are some of the most useful precautions for countering the Matrix-ITLOCK Ransomware and other, RaaS-based Trojans.

While the Matrix-ITLOCK Ransomware is more likely for compromising for-profit entities, such as corporate servers, than the PC of a single PC user, its attacks are effective in a majority of Windows environments equally. Symptoms of its encryption routine are negligible until after it finishes locking each file in turn, which can include data on other PCs over network shares. Anti-malware programs of most brands should quarantine the Matrix-ITLOCK Ransomware on sight and may uninstall it safely for further damage prevention.

The tools to stop Ransomware-as-a-Service attacks are in every user's hands, but many businesses and individuals, still, are vulnerable. Any files worth a ransom to get back from the Matrix-ITLOCK Ransomware infections also are things that should be kept copied to an appropriate backup location safely.