Delaware, USA – October 30, 2017 – The researcher from Malwarebytes reported the return of the Matrix Ransomware. This malware was discovered at the end of the last year and adversaries frequently updated this threat, but for several months there have been no campaigns with its use. Currently, the virus spreads through malvertising, targeting vulnerabilities in Microsoft IE and Adobe Flash (CVE-2016-0189 and CVE-2015-8651). If a victim doesn’t have the necessary patches installed and visits the website with malvertising, the RIG exploit kit installs the Matrix Ransomware on a vulnerable system.
In April, cybercriminals experimented with this virus, adding to it the possibility of spreading through the network via malicious shortcuts. Perhaps the reason for the return of this malware is the notorious recent attack of Bad Rabbit. Ransomware remains one of the most widespread threats in the cybersecurity field. To protect your organization from such attack, you can use the analytical content from Use Case Cloud. Ransomware Hunter for ArcSight, QRadar and Splunk will speed up the detection of the first signs of infection and allow you to localize the threat without harm to business processes.