According to the recent report from Sophos, SamSam Ransomware has collected around $6 million as extortion from only 233 of its victims since December, 015. On an average, the associated cyber-criminals are gaining $300000 per month. Interestingly, most of its victims are governmental agencies and institutions.
SamSam data encrypting malware is active from a very long time. Like any other cyrptovirus, it encrypts the targeted files primarily through spam messages and then demands the victims to pay ransom to get the decryption key. The victims are asked to pay the money in virtual currency such as Bitcoin and sent it to a particular crypto wallet. Interestingly, it demands a very high amount for the decryption key. The biggest payment till now has been $64000 for a single SamSam Ransomware attack. The associated cyber-criminals are focusing to attack big organizations such as governmental institution, hospitals, and authorities and so on. This ransomware doesn’t spread on its own rather it is circulated by human attackers. The compromised System is attacked using RDP. This can be done using the personal credentials of victims which are cheated earlier. The vulnerable PC easily gets infected with this attack. The encryption procedure begins immediately and it tries to encrypt the entire network. On completing the entire network encryption, it demands to pay around $30000.
The main targets of SamSam Ransomware is big companies who are ready to pay big money. Most of the victims are from US and they belong to private sector. The biggest shares belong to health sector followed by Governmental organizations and education sector. According to reports, the malspam is the major way behind this malware circulation. The gullible victims are manipulated to open the spam message and the malware payloads easily get inside the PC. So, don’t enable macros to view email attachments contents send by unknown sender. Don’t get misguided by the attractive titles and subject lines, copy of reputed company logo etc.