SamSam Ups Ransom to $33,000
Posted by: Timothy Weaver on 06/24/2017 01:51 PM
[
Comments
]
SamSam is a piece of ransomware that has been around for about a year. Victims were charged a nominal fee to decrypt their files.
The malware targets networks and is usually delivered via remote desktop protocol (RDP), web shells and batch scripts in order to infect multiple machines on a network.
However, the crooks behind the latest edition have upped their price. The malware’s operators demand 1.7 Bitcoin (over $4,500) to decrypt a single machine, 6 Bitcoin (over $16,000) to decrypt data on half the machines, and 12 Bitcoins (around $33,000) to restore data on all of the infected machines.
A researcher going by the name of Vallejo says: "The group behind SamSam charges very high ransoms because of the amount of effort invested in their operations, which made them the subject of two FBI Alerts last year.”
Recently, a New York hospital was attacked and their network was held for ransom. The hospital refused to pay the $44,000 ransom.
AlienVault’s Chris Doman reports: “The most recent attacks appear to have been successful, at least from the attacker’s point of view. The Bitcoin address associated with this week’s attacks has received $33,000.”
Although SamSam deletes the original files and only leaves the encrypted, the malware does not clean the removed file sectors and may allow users to recover their files or parts of them.
Source: Security Week
The malware targets networks and is usually delivered via remote desktop protocol (RDP), web shells and batch scripts in order to infect multiple machines on a network.However, the crooks behind the latest edition have upped their price. The malware’s operators demand 1.7 Bitcoin (over $4,500) to decrypt a single machine, 6 Bitcoin (over $16,000) to decrypt data on half the machines, and 12 Bitcoins (around $33,000) to restore data on all of the infected machines.
A researcher going by the name of Vallejo says: "The group behind SamSam charges very high ransoms because of the amount of effort invested in their operations, which made them the subject of two FBI Alerts last year.”
Recently, a New York hospital was attacked and their network was held for ransom. The hospital refused to pay the $44,000 ransom.
AlienVault’s Chris Doman reports: “The most recent attacks appear to have been successful, at least from the attacker’s point of view. The Bitcoin address associated with this week’s attacks has received $33,000.”
Although SamSam deletes the original files and only leaves the encrypted, the malware does not clean the removed file sectors and may allow users to recover their files or parts of them.
Source: Security Week
Comments
