SamSam Ups Ransom to $33,000
Posted by: Timothy Weaver on 06/24/2017 09:51 AM
[
Comments
]
SamSam is a piece of ransomware that has been around for about a year. Victims were charged a nominal fee to decrypt their files.
The malware targets networks and is usually delivered via remote desktop protocol (RDP), web shells and batch scripts in order to infect multiple machines on a network.
However, the crooks behind the latest edition have upped their price. The malwareās operators demand 1.7 Bitcoin (over $4,500) to decrypt a single machine, 6 Bitcoin (over $16,000) to decrypt data on half the machines, and 12 Bitcoins (around $33,000) to restore data on all of the infected machines.
A researcher going by the name of Vallejo says: "The group behind SamSam charges very high ransoms because of the amount of effort invested in their operations, which made them the subject of two FBI Alerts last year.ā
Recently, a New York hospital was attacked and their network was held for ransom. The hospital refused to pay the $44,000 ransom.
AlienVaultās Chris Doman reports: āThe most recent attacks appear to have been successful, at least from the attackerās point of view. The Bitcoin address associated with this weekās attacks has received $33,000.ā
Although SamSam deletes the original files and only leaves the encrypted, the malware does not clean the removed file sectors and may allow users to recover their files or parts of them.
Source: Security Week
The malware targets networks and is usually delivered via remote desktop protocol (RDP), web shells and batch scripts in order to infect multiple machines on a network.However, the crooks behind the latest edition have upped their price. The malwareās operators demand 1.7 Bitcoin (over $4,500) to decrypt a single machine, 6 Bitcoin (over $16,000) to decrypt data on half the machines, and 12 Bitcoins (around $33,000) to restore data on all of the infected machines.
A researcher going by the name of Vallejo says: "The group behind SamSam charges very high ransoms because of the amount of effort invested in their operations, which made them the subject of two FBI Alerts last year.ā
Recently, a New York hospital was attacked and their network was held for ransom. The hospital refused to pay the $44,000 ransom.
AlienVaultās Chris Doman reports: āThe most recent attacks appear to have been successful, at least from the attackerās point of view. The Bitcoin address associated with this weekās attacks has received $33,000.ā
Although SamSam deletes the original files and only leaves the encrypted, the malware does not clean the removed file sectors and may allow users to recover their files or parts of them.
Source: Security Week
Comments
