Blog Post

Destructive Ransomware

Sep 27, 2018

The SamSam ransomware has made the cybercriminals behind it at least $6m since they started distributing the file-locking malware in late 2015 to encrypt data and backups. Their profits are still on the rise, growing by around an additional $300,000 each month.

SamSam is different to other forms of ransomware: while other variants are spammed out to potential victims by email, SamSam attacks are thought to begin with a remote desktop protocol (RDP) compromise, achieved either through brute-force attacks or with credentials purchased on the dark web.

Once inside a compromised machine, the attackers seek out vulnerabilities which they exploit to spread across an organisation's network before encrypting files.

With a stranglehold on an entire network, the attackers then demand a huge bitcoin ransom payment in exchange for the decryption keys. The payments now regularly reach over $50,000.

SamSam requires a more hands-on technique than other forms of ransomware, but the time and effort are apparently paying off for the crooks.

The number of payments received per month throughout 2018 has peaked at 10, indicating a level of precision by the attackers.

