Cryptovirological discovery: GMPF ransomware

November 8, 2018 | Simeon Georgiev

The Matrix ransomware family first surfaced on the web in 2016. Since then, its developers have periodically introduced many variants. Recently, security experts detected a new strain belonging to the same cryptovirological family, called GMPF.

Researchers are still trying to find more details regarding the strain's activity. So far, it has been found that GMPF encrypts files on the targeted device and appends a long extension containing the attackers' email ID, some random letters and the string 'GMPF'.
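A triage sketch for the naming pattern described above, added here as an example and not taken from the original article or any vendor tool: it flags file names that end in a `GMPF` token and carry an email-like address, then groups the hits by directory and by contact address. The bracket-delimited layout and every sample path are constructed assumptions, since the article names only the ingredients of the extension.

```python
import re
from collections import Counter
from pathlib import PurePosixPath

# Assumption: the appended suffix ends in a "GMPF" token and carries an
# email-like address set off by delimiters such as brackets (layout assumed).
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
GMPF_TAIL = re.compile(r"(?:^|[^A-Za-z0-9])GMPF$", re.IGNORECASE)


def classify(path):
    """Return the contact address embedded in a GMPF-style name, else None."""
    name = PurePosixPath(path).name
    if not GMPF_TAIL.search(name):
        return None  # no trailing GMPF token: not a candidate
    m = EMAIL.search(name)
    return m.group(0).lower() if m else None  # both traits are required


def triage(paths):
    """Group suspected files by directory and by embedded contact address."""
    hits, by_dir, by_contact = [], Counter(), Counter()
    for p in paths:
        contact = classify(p)
        if contact is None:
            continue
        hits.append(p)
        by_dir[str(PurePosixPath(p).parent)] += 1
        by_contact[contact] += 1
    return hits, by_dir, by_contact


# Constructed sample listing (not real indicators).
SAMPLE = [
    "/srv/share/q3-report.xlsx.[contact@example.test].QwErTyUi.GMPF",
    "/srv/share/budget.docx.[contact@example.test].ZxCvBnMa.GMPF",
    "/srv/share/readme.txt",
    "/home/alice/photo.jpg.[contact@example.test].PlMkOnJi.gmpf",
    "/home/alice/mail-to-bob@example.test.eml",  # address but no GMPF tail
    "/home/alice/GMPF",                          # bare token, no address
    "/home/alice/notes.GMPF",                    # GMPF tail but no address
]

if __name__ == "__main__":
    hits, by_dir, by_contact = triage(SAMPLE)
    print(f"{len(hits)} suspected files")
    print("by directory:", dict(by_dir))
    print("by contact:", dict(by_contact))
```

The per-directory counts show which shares to isolate and restore first, and the contact tally belongs in the incident record.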

Security experts who have extensively studied the Matrix cryptovirological family to develop ransomware removal solutions suggest that the activity of the GMPF strain might entail the following characteristics.

Use of scare tactics: The operators might pose as law enforcement officials in the ransom note and accuse the targeted users of visiting banned websites (child pornography, zoophilia, etc.). Such scare tactics are often used by cryptovirological operators to ensure that the targeted users contact them for ransomware removal.

Use of combined encryption: There is a strong chance that the operators of GMPF have also used combined encryption with the AES and RSA algorithms. The use of both encryption methods makes professional ransomware removal an increasingly uphill task.

Rising ransom amount as deadline expires: Previous Matrix ransomware variants often gave targeted users a four-day deadline to contact the operators. After that, the operators would increase the amount of extortion money with every passing day.

To protect your device from GMPF attackers, be extremely cautious of phishing emails. The majority of ransomware payloads are distributed through phishing emails containing infected attachments. Also, refrain from visiting insecure websites and make sure that your device is not connected to any compromised Remote Desktop Protocol (RDP) session.

Simeon Georgiev
https://www.linkedin.com/in/simeon--georgiev/
I am a Cyber Security Enthusiast from Bulgaria. I like to write about malware and ransomware and global cyber attacks. You can reach me on Twitter @sgeorgiev1995 or Email: [email protected]