|Matrix - Ransomware
||The ransomware appeared on the threat landscape two years ago with new variants still being discovered in 2019. Recent variants of Matrix append various extensions including .eman, .itlock, .kok08, and .fastbob. Victims are given 7 days to reach the threat actor by email or bit-message or their decryption key will be deleted.
|Fake Globe - Ransomware
||The ransomware impersonates Globe ransomware and appends various extensions to encrypted files. The ransomware continues to evolve and multiple variants continue to appear in the wild. The malicious software is also known as Globe Imposter, Ox4444, and GUST. Victims are required to email the threat actor for the decryption key to gain access to the encrypted files.
|Ryuk - Ransomware
||The ransomware uses AES and RSA encryption and demands between 15 and 50 Bitcoin for the decryption key. The malicious software kills hundreds of processes and services and also encrypts not only local drives but also network drives. The attacks are reported to be targeted at organizations that are capable of paying the large ransom demanded.
|GandCrab 5 - Ransomware
||The ransomware appends random extensions to encrypted files and directs the victim to an html file for instructions on how to decrypt infected files. The threat actor demands the ransom be paid in either Bitcoin or DASH. GandCrab 5 also scans network shares and mapped drives to find files to encrypt. The threat actors behind the ransomware use a variety of infection vectors including PowerShell, Botnets, Exploit Kits, Trojanized Programs, SpearPhishing, and Remote Desktop.