A new ransomware variant of Matrix has been revealed, taking advantage of the open Remote Desktop Service and connecting to its command and control server. The new Matrix variant has a capability to scan IPs looking for any listening RDP service, it will then attempt a brute force remote desktop session. A successful penetration in effect encrypts all user files with a FOX extension, lucky the algorithm of encrypting user files is very disk intensive. The malware authors provided three email addresses for which the user can contact: [email protected].”]
Source: https://hackercombat.com/meet-the-new-daring-version-of-matrix-ransomware/