Matrix-SBLOCK Ransomware

The Matrix-SBLOCK Ransomware is an encryption ransomware Trojan. The Matrix-SBLOCK Ransomware Trojan is part of the Matrix family of ransomware, a group of ransomware Trojans that are nearly identical to each other and are typically created using a ransomware builder kit. The Matrix-SBLOCK Ransomware carries out a typical encryption ransomware attack, encrypting the victims' files, making them inaccessible by taking them hostage and then demanding a ransom payment from the victims, if they want their files back.

There's Nothing New in the Matrix-SBLOCK Ransomware Attack

The Matrix-SBLOCK Ransomware is typically distributed using corrupted spam email attachments. Once the Matrix-SBLOCK Ransomware has been installed, it uses a strong encryption algorithm to make the victims' files inaccessible, also removing the System Restore points and other methods of restoring the affected data. When the Matrix-SBLOCK Ransomware attack finishes the encryption of the targeted files, they are easy to recognize because the Matrix-SBLOCK Ransomware adds the file extension '.SBLOCK' to each affected file's name. The Matrix-SBLOCK Ransomware attack targets the user-generated files, which may include files with the following file extensions:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The Matrix-SBLOCK Ransomware drops a text file, which contains the Matrix-SBLOCK Ransomware's ransom note. The Matrix-SBLOCK Ransomware's ransom note file is named '!SBLOCK_INFO!.rtf,' is dropped on the infected computer's desktop and contains the following message:

'WHAT HAPPENED WITH YOUR FILES?
Your documents, databases, backups, network folders and other important files are encrypted with RSA-2048 and AES-128 ciphers. More information about the RSA and AES can be found here:
h[tt]p://en.wikipedia[.]org/wiki/RSA (cryptosystem)
h[tt]p://en.wikipedia[.]org/wiki/Advanced Encryption Standard
It means that you will not be able to access them anymore until they are decrypted with your personal decryption key! Without your personal key and special software data recovery is impossible! If you will follow our instructions, we guarantee that you can decrypt all your files quickly and safely!
If you want to restore your files, please write us to the e-mails: gman222@protonmail.com'

Dealing with a Matrix-SBLOCK Ransomware Infection

Computer users are highly advised to refrain from paying the Matrix-SBLOCK Ransomware ransom or contacting the criminals responsible for the Matrix-SBLOCK Ransomware attack. Instead of doing this, computer users are advised to take steps to protect their data preemptively by having backup copies of their files and storing these backups in secure locations that the Trojan can't corrupt or erase. Apart from file backups, it is important to take steps to protect your PC from intrusion, such as having a security program that is always up-to-date and capable of detecting and intercepting a threat like the Matrix-SBLOCK Ransomware.