'.MTXLOCK File Extension' Ransomware

'.MTXLOCK File Extension' Ransomware Description

The '.MTXLOCK File Extension' Ransomware is a variant of the AES-Matrix Ransomware, a file-locking Trojan that can use encryption for holding documents, pictures, and other media hostage. Users also may find associated documents demanding money for the decryption of their files, as well as unexpected changes to the extensions on any filenames. Many anti-malware programs are deleting the '.MTXLOCK File Extension' Ransomware automatically as a threat, but the only proven recovery method for any encrypted data is a backup.

Having Your Files Pulled Back into the Matrix

The AES-Matrix Ransomware family is experiencing a series of developments throughout 2018 and carrying on from the previous year. The next variant of it that malware experts are confirming, the '.MTXLOCK File Extension' Ransomware, is in testing due to its inclusion of console output, apparently, which is a traditional bug-testing feature. However, the final version of the '.MTXLOCK File Extension' Ransomware, along with omitting this log data, also should be just as good as the other builds of the AES-Matrix Ransomware at blocking files for Bitcoins.

Some of the general characteristics of the '.MTXLOCK File Extension' Ransomware's family include a tendency of benefiting from Remote Desktop-based exploits for compromising networks, using RTF-format ransoming notes, and a free space overwriting a function that can hamper any file recovery software. The '.MTXLOCK File Extension' Ransomware also may replace the desktop's wallpaper with an image it drops, which malware experts often see supplementing any text-based ransoming warnings.

However, the defining attack in the '.MTXLOCK File Extension' Ransomware's payload is a data-encrypting routine that uses an AES and RSA-based algorithm combination for blocking different formats of files. This version of the threat also splits from previous editions of its family by giving each file a true extension ('.MTXLOCK'), along with the bracketed e-mail address that most versions of AES-Matrix Ransomware promote. Like the Relock Ransomware and other variants of this group of Trojans, the encryption damage is secure and not reversible via free software.

Sparing Your Files from Being a Line of Profit in a Trojan's Matrices

The threat actors responsible for distributing AES-Matrix Ransomware and its different versions historically often enable RDP features for installing unwanted and threatening software manually. Network security is, accordingly, paramount to blocking the most likely infection vectors for the '.MTXLOCK File Extension' Ransomware and the other releases of its family. Malware experts also recommend monitoring e-mail attachments, which can have close associations with Trojan campaigns targeting the networks of businesses and governments.

The bulk of this Trojan's changes are cosmetic ones: minor updates to its file-renaming methodology and ransoming note. Although the Trojan has no additional encryption-related functions, in comparison to previous variants, the lack of a public decryptor for its family makes it unnecessary that the threat actors update this core feature. Having a backup that isn't encrypted still is the best way of saving your files from this threat, along with enabling anti-malware solutions that delete the '.MTXLOCK File Extension' Ransomware, or quarantine it safely, by default.

Less than a third of most brands of anti-malware products are detecting the '.MTXLOCK File Extension' Ransomware as a threat. Since this Trojan's attacks and accompanying efforts at extortion aren't ceasing, any PC users should, at the same time, remind themselves not to slack on their backups or Web-browsing safety habits.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to '.MTXLOCK File Extension' Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Posted: May 11, 2018
Home Malware Programs Ransomware '.MTXLOCK File Extension' Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.