Matrix-ITLOCK Ransomware

Matrix-ITLOCK Ransomware Description

The Matrix-ITLOCK Ransomware is an encryption ransomware Trojan that is related to the Matrix Ransomware, a ransomware Trojan that was first noticed on April 3, 2018. The Matrix-ITLOCK Ransomware was first observed on September 9, 2018, and it marks the files compromised by the Matrix-ITLOCK Ransomware attack by adding the file extension '.ITLOCK' to the files' names. The Matrix-ITLOCK Ransomware is typically delivered to the victim's computers through the use of spam email attachments. The Matrix-ITLOCK Ransomware will infect the computers by running the Windows operating system and is designed to make the victim's files inaccessible.

What are the File Types that will be Targeted by the Matrix-ITLOCK Ransomware

There is practically no difference between the Matrix-ITLOCK Ransomware and the various other variants in the Matrix family of ransomware Trojans that have been observed before. The Matrix-ITLOCK Ransomware, like its many predecessors, will encrypt the victim's files, commonly targeting the user-generated file types such as media files, documents and databases. The following are the files that threats like the Matrix-ITLOCK Ransomware may target in these attacks:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The Matrix-ITLOCK Ransomware delivers a ransom note in the form of an RTF file that is named '!ITLOCK_README!.rtf,' which will be dropped on the infected compute's desktop as soon as the targeted files are compromised. The Matrix-ITLOCK Ransomware ransom note's text reads:

We are really sorry to inform you that ALL YOUR FILES WERE ENCRYPTED by our automatic software. It became possible because of bad server security.
Please don't worry, we can help you to RESTORE your server to original state and decrypt all your files quickly and safely!
Files are not broken!!! Files were encrypted with AES-128+RSA-2048 crypto algorithms. There is no way to decrypt your files without unique decryption key and special software. Your unique decryption key is securely stored on our server. For our safety, all information about your server and your decryption key will be automatically DELETED
Please write us to the e-mail (write on English or use professional translator):
In subject line write your personal ID:
[random characters]'

Protecting Your Data from Threats Like the Matrix-ITLOCK Ransomware

The best protection you can set up against threats like the Matrix-ITLOCK Ransomware is to have file backups. If you have backup copies of your data stored on password-protected cloud storage or an external memory device, then you can recover from a Matrix-ITLOCK Ransomware attack by restoring the files from the backup copy. Apart from file backups, computer users are counseled to use a security program to ensure that their data is fully protected.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.