Matrix-SDEN Ransomware
The Matrix-SDEN Ransomware (also known as SDEN Ransomware) is part of the Matrix Ransomware family, and it is even more closely related to the Matrix-MDEN Ransomware that we reported on last week. There aren’t any major differences between the attack tactics that the Matrix-SDEN Ransomware and Matrix-MDEN Ransomware employ – both of them rely on swift and secure file-encryption attacks that limit access to certain file types. After the attack is complete, the Matrix-SDEN Ransomware drops a ransom message, which provides the victim with details regarding the attack, and offers them a quick but pricey solution – to pay some Bitcoin in exchange for a decryptor. The attackers may make their offer sound attractive and guaranteed to work, but you can rest assured that sending money to the Matrix-SDEN Ransomware’s authors is a terrible idea since you may end up losing both your money and your files. Ransomware operators are certainly not famous for their honesty, and getting scammed by them would not be a surprise at all.
The payload of the Matrix-SDEN Ransomware is likely to be spread via cleverly designed phishing emails that contain a bogus attachment – the subjects of the emails may vary, but they are likely to claim to contain important information such as a CV, invoice, tax return information, pending delivery, etc. The bogus file attachment may be an infected Microsoft Office document or a disguised executable file that is meant to unleash the Matrix-SDEN Ransomware on the target’s computer.
The Matrix-SDEN Ransomware’s attack leaves all locked files with a changed name by adding the ‘.SDEN’ extension (e.g. ‘archive.zip’ would be renamed to ‘archive.zip.SDEN.’) The ransom note is usually placed on the desktop, in the file ‘!SDEN_INFO!.rtf.’ Last but not least, the attackers ask to be contacted via smartden@protonmail.com – the same email address that the Matrix-MDEN Ransomware uses.
Recovering from this attack is difficult but not impossible. First of all, you should make sure to eliminate the file-locker by using trustworthy antivirus software. After you do this, you can proceed to the recovery of your files – due to the lack of a free decryptor, you can do this by either restoring from a backup or by trying data recovery tools.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.