Matrix has slowly evolved into a 'Swiss Army knife' of the ransomware world

[silversurfer]

Matrix, a ransomware strain first seen in late 2016, has evolved into a dangerous threat after years of slow and incremental updates and has been recently characterized as a "Swiss Army knife" in a report published today by UK-based cyber-security firm Sophos.

While initially, the Matrix authors used the RIG exploit kit to mass-distribute their ransomware in its early days, in 2016 and 2017, since early 2018, the ransomware has been exclusively spread in attacks against carefully selected high-value targets, usually by taking advantage of unprotected RDP (Remote Desktop Protocol) endpoints.

In this, the Matrix gang followed a trend in the ransomware world, where email or exploit kit-based mass distribution campaigns have died off in 2018, giving in to operations that preferred to go after individual targets in solitary attacks exploiting RDP.

In other words, Matrix is now in the same category of ransomware strains, such as the more famous SamSam, BitPaymer, and Ryuk --using hacked RDP endpoints to enter companies' networks and infect as many PCs as possible before asking for huge ransom demands.

Source: https://www.zdnet.com/article/matrix-has...are-world/