Matrix is another ransomware-type malware, that can encrypt user documents, photos, music, video, archives and other types of personal files. Virus adds “.matrix” extension to all encrypted files. It also creates matrix-readme.rtf or Readme-Matrix.rtf files with message in Russian and English with instructions to pay the ransom. Developers of Matrix ransomware offers to contact them using following e-mail addresses: email@example.com, firstname.lastname@example.org or email@example.com and demand ransom of about $500 – $1500.
Spora Ransomware is file encryption virus possibly originating in Russia. It encrypts user files, documents, photos, videos using RSA encryption. Spora does not rename encrypted files. During the process virus generates private key, that, in turn, encrypted with AES encryption. Spora Ransomware is complex infection and certain efforts needed to break it encryption. Currently antivirus companies are unable to find decryption key, and the only way to restore files infected by Spora is backup.
Dharma virus is new variation of Crysis ransomware, and it uses asymmetric cryptography to encrypt user files (documents, music, photos, game files). If you see, that your filenames end on .dharma, .wallet, .zzzzz, .xtbl there is a great possibility you are infected with Dharma Ransomware.
Payday is a ransomware based on HiddenTear source code and developed by Portuguese hackers. Payday derives its name from popular game of the same name. The purpose of the infection is to deny access to the personal data so it encrypts them using complex AES cipher. At the time of encryption, Payday appends the names of encrypted files with the .sexy extension. Although, the data encryption is a time-consuming process, the users usually don’t notice nothing suspicious. The whole procedure runs in stealth mode. Once encrypted, virus creates HTML file saving it on the desktop.
Osiris is new crypto-virus, that belongs to Locky ransomware type. After finishing the process of encrypting files, malware adds .osiris extension and alters filenames. Your files get such names: [8_random_characters]-[4_random_characters]-[4_random_characters]-[8_random_characters]-[12_random_characters].osiris. Virus blackmails user to pay ransom of 2.5 BitCoins (~$1880) for file decryption. Osiris ransomware creates 3 files on users computers: OSIRIS.html, OSIRIS_[4_random_characters].html and OSIRIS.bmp and copies them to the folder with encrypted files. Those files contain instructions for users to pay the ransom on Bitcoin wallet.