
'.metan File Extension' Ransomware

By GoldSparrow in Ransomware

The '.metan File Extension' Ransomware is an encryption ransomware Trojan that was first observed in March 2019. It is commonly distributed through corrupted spam email attachments, which use embedded macro scripts to download and install the threat onto the victim's computer. Its distribution relies on social engineering tactics, with messages that will often claim to come from social media providers or other popular websites. The '.metan File Extension' Ransomware is not a new threat and seems to be a variant of existing ransomware families, which have been active since Fall of 2018.

How the '.metan File Extension' Ransomware Carries Out Its Attack

The '.metan File Extension' Ransomware carries out a typical encryption ransomware attack, taking the victim's files hostage and then requesting that the victim pay a large ransom in exchange for the affected files. It uses RSA and AES encryption to make the victim's files unusable. It marks the files targeted by its attack with the file extension '.metan', and the files may also be renamed in other ways. The '.metan File Extension' Ransomware targets user-generated files, which may include numerous media files, documents and databases. Threats like the '.metan File Extension' Ransomware target the file types listed below:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr, .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby, .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The '.metan File Extension' Ransomware delivers a ransom note in the form of a text file named '#HOW TO DECRYPT FILES#.txt', which is dropped on the infected computer's desktop after the victim's files have been compromised. The full text of the '.metan File Extension' Ransomware ransom note reads:

'!!! ATTENTION, YOUR FILES WERE ENCRYPTED !!!
Please follow few steps below:
1.Send us your ID.
2.Then you'll get payment instruction and after payment you will get your decryption tool!
Only we can decrypt all your data!
Contact us us:
metan19@mail2tor.com
And tell us your unique ID
[base64 encoded string]'

Dealing with the '.metan File Extension' Ransomware Threat

Unfortunately, once the '.metan File Extension' Ransomware attack has compromised the files, they will no longer be recoverable. This is why computer users are strongly advised to have a file backup saved on the cloud or another external device. Having file backups ensures that computer users can recover any compromised data without having to contact the criminals. Apart from file backups, a security program should be used to intercept threats like the '.metan File Extension' Ransomware before they can cause damage to a computer.
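
The indicators described above (the '.metan' extension and the '#HOW TO DECRYPT FILES#.txt' note with its contact address) can be used to scope which files need restoring from backup. The following Python script is an added example, not part of the original article; its function names are hypothetical, and it assumes '.metan' is appended after the original extension, which the article does not state.

```python
import os
import sys
from collections import Counter

# Indicators taken from the description above.
ENCRYPTED_SUFFIX = ".metan"
NOTE_NAME = "#HOW TO DECRYPT FILES#.txt"
NOTE_MARKERS = ("YOUR FILES WERE ENCRYPTED", "metan19@mail2tor.com")


def note_matches(path, limit=64 * 1024):
    """True if the file contains every marker string from the quoted note."""
    try:
        with open(path, "rb") as fh:
            text = fh.read(limit).decode("utf-8", errors="replace").lower()
    except OSError:
        return False  # unreadable file: cannot confirm it is the note
    return all(marker.lower() in text for marker in NOTE_MARKERS)


def scan(root):
    """Walk root and group files that carry the indicators."""
    report = {"encrypted": [], "notes": [], "unconfirmed_notes": [],
              "original_types": Counter()}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            lower = name.lower()
            if lower == NOTE_NAME.lower():
                # Same file name but different content is kept separately.
                key = "notes" if note_matches(full) else "unconfirmed_notes"
                report[key].append(full)
            elif lower.endswith(ENCRYPTED_SUFFIX):
                report["encrypted"].append(full)
                # Assumption: report.docx.metan was report.docx before the attack.
                stem = name[: -len(ENCRYPTED_SUFFIX)]
                original = os.path.splitext(stem)[1].lower()
                report["original_types"][original or "(none)"] += 1
    return report


if __name__ == "__main__":
    result = scan(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(f"{len(result['encrypted'])} files ending in {ENCRYPTED_SUFFIX}")
    for ext, count in result["original_types"].most_common():
        print(f"  {ext}: {count}")
    for label in ("notes", "unconfirmed_notes"):
        for path in result[label]:
            print(f"{label}: {path}")
```

The per-type counts show which backup sets are needed, and the list of confirmed notes shows which directories the attack reached.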
