Matrix-EMAN Ransomware

The Matrix-EMAN Ransomware is an encryption ransomware Trojan that belongs to the Matrix family of ransomware Trojans, which has numerous variants. The Matrix-EMAN Ransomware was first released on October 1, 2018. The unlucky victims of the attack have reported that the Matrix-EMAN Ransomware has entered their computers through corrupted spam email attachments, often in the form of a PDF, DOCX or SCR file. The criminals often use social engineering techniques to trick the victim into opening the compromised email attachment. These files will use embedded macro scripts that download and install the Matrix-EMAN Ransomware, often while displaying a bogus file such as a CV or job application while the Matrix-EMAN Ransomware is being installed in the background.

How the Matrix-EMAN RansomwareAttacks a Computer

The main purpose of the Matrix-EMAN Ransomware and similar threats is to take the victim's files hostage. The Matrix-EMAN Ransomware will use a strong encryption algorithm to make the victim's files inaccessible, and then demand a ransom payment o restore access to the victim's files. If the victim does not have file backups, this type of attack can be devastating since the encryption methods used by these threats cannot be undone without the decryption key. The Matrix-EMAN Ransomware attack can be spotted easily because the Matrix-EMAN Ransomware will mark the files it targets by adding the file extension '.EMAN' to the end of the file's name. The Matrix-EMAN Ransomware also will rename the victim's files, adding the Matrix-EMAN Ransomware contact email to the file's name. The Matrix-EMAN Ransomware has as its main targets the user-generated files, which may include a wide variety of document types. The Matrix-EMAN Ransomware targets determined files in these attacks, which include:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The Matrix-EMAN Ransomware's Ransom Demands

The Matrix-EMAN Ransomware demands a ransom payment. To do this, the Matrix-EMAN Ransomware drops a text file named '#README_EMAN#.rt' onto the victim's computer. This ransom note demands that the victims contact the criminals via a specific email address, where they will be asked to pay a large ransom using Bitcoin. Instead of paying the Matrix-EMAN Ransomware ransom, computer users should find other ways of recovering their files. The best protection against threats like the Matrix-EMAN Ransomware is to have file backups, which should always be stored in safe places to enable recovery of compromised data. A security program also crucial to have since it can be used to intercept attacks like the Matrix-EMAN Ransomware before the target's files are compromised.