SamSam is one of the most notorious ransomware strains ever made, and its impact is much larger than cybersecurity firms had previously ascertained. UK-based cybersecurity firm Sophos conducted a review of the ransomware and worked out how the attacker (or attackers) managed to rake in millions of dollars.
Over $5.9 million in ransom payments has been collected through mass-distribution attacks similar to the WannaCry malware. All of the attacks are coordinated, and the person or group behind them carefully chooses target organizations that are vulnerable and likely to pay a ransom. The initial SamSam attacks exploited a vulnerability found in JBoss servers, but despite patches being implemented, the ransomware continued spreading panic among security experts.
It is estimated that approximately 233 victims have been held for ransom by SamSam, with an average of more than $25,000 per attack. Security experts at Sophos revealed that there is likely just one proficient hacker behind the SamSam malware, who has raked in millions since 2015. The ransom notes sent to victims contain multiple grammatical errors, which suggests that the hacker is not a native English speaker.
Almost half of the attacks using the SamSam ransomware involved public sector organizations in education, government, and healthcare. The other victims were from the private sector. Most of the victims ended up paying the ransom to avoid large-scale data leaks which could hurt the respective organizations. In a detailed report, Sophos has released a list of recommendations that users can follow to protect themselves against such malware.