Ransomware - Metasys - LIT-12011279 - General System Information - Metasys System - 13.0

Network and IT Guidance Technical Bulletin

Brand
Metasys
Product name
Metasys System
Document type
Technical Bulletin
Document number
LIT-12011279
Version
13.0
Revision date
2023-09-29
Product status
Active
Language
English

Ransomware is a type of malware that infects computer systems, restricting access to the infected systems. Ransomware variants have been observed for several years and often attempt to extort money from victims by displaying an on-screen alert. Typically, these alerts state that the systems are locked or that files are encrypted. Users are told that unless a ransom is paid, access cannot be restored. The ransom varies but is frequently $200–$400 dollars and must be paid in virtual currency, such as Bitcoin.

Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloading. Drive-by downloading occurs when a user unknowingly visits an infected website and then malware is downloaded and installed without the user's knowledge.

Crypto ransomware, a malware variant that encrypts files, is spread through similar methods and can be spread through social media, such as Web-based instant messaging applications. Additionally, newer methods of ransomware infection were observed. For example, vulnerable Web servers were exploited as an entry point to gain access into an organization's network.