Metaencryptor is a ransomware/extortion group name observed by Dragos in reporting on industrial-sector ransomware activity. In the provided content, Dragos noted Metaencryptor for the first time and categorized it among “minimal-activity” groups that each registered a single incident. The content does not provide technical details on the malware’s payload, encryption behavior, infection vector, tooling, victimology beyond inclusion in industrial ransomware reporting, associated threat actor relationships, or indicators of compromise. High-confidence information available here is limited to its identification as a newly observed ransomware name with very low observed activity in the reporting period.
Mallory pivots from this family to the IOCs, detections, and named campaigns that touch your stack, and pages you when something new lands.
2 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Minimal-activity ransomware brand referenced as part of the long-tail of operators.
Ransomware family listed among active groups impacting industrial organizations in Q4 2023; also noted as first observed by Dragos in Q4 2023.
Match every observed IP, domain, and hash against your live telemetry.
Named campaigns wielding this family, with evidence pinned to each claim.
CVEs this family uses for access and lateral movement.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Every documented technique, ranked by evidence weight.
Reddit, Mastodon, and CTI community discussion around this family.