VirusW32/Filecoder.OMM!tr.ransom
Analysis
W32/Filecoder.OMM!tr.ransom is classified as a ransomware trojan.
A ransomware trojan is a type of malware that prevents or restricts the infected user from accessing their system, usually by locking the screen or encrypting the user's files. It then demands payment, usually in the form of cryptocurrency, in order for the system or files to be accessible again.
The Fortinet Antivirus Analyst Team is constantly updating our descriptions. Please check the FortiGuard Encyclopedia regularly for updates.
Outbreak Alert
Researchers at Microsoft Threat Intelligence Center (MSTIC) have identified evidence of a novel ransomware campaign targeting organizations in the transportation and logistics industries in Ukraine and Poland. According to the report, the new ransomware labels itself with a ransom note of “Prestige ranusomeware”.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
| FortiGate | |
|---|---|
| Extended | |
| FortiClient | |
| FortiMail | |
| FortiSandbox | |
| FortiWeb | |
| Web Application Firewall | |
| FortiIsolator | |
| FortiDeceptor | |
| FortiEDR |