SamSam, a ransomware program that has been active for more than a year, now demands $33,000 to decrypt and recover all encrypted files.
If a single device on a network is compromised, the malware can spread to other networked devices. The attackers use Remote Desktop Protocol (RDP), web shells and scripts that run on many machines at once to attack networks and deploy the ransomware on each device.
One notable recent example was a major hospital in New York that was infected with SamSam in April; the hospital refused to pay the hackers' ransom demand of $44,000. It took about a month to fully restore the hospital's IT systems.
Defending against SamSam is more like defending against a targeted attack than against a typical opportunistic ransomware program. The SamSam criminals are known to:
- Gain remote access through combined attacks.
- Deploy web shells reachable from the Internet.
- Connect to RDP (remote desktop) over HTTP tunnels.
- Run scripts that deploy the malware on all of your machines at once.
The recent attacks seem to have been successful, at least from the hackers' point of view. The Bitcoin account associated with the attacks received $33,000 this week.
These new variants remind us that we must stay vigilant and use the latest threat indicators to detect new types of existing malware.
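The following Python example is added here and is not part of the original post. It turns two of the behaviours listed above into log checks: RDP logons whose source is a loopback address (a common sign that the session was relayed through a local tunnel endpoint) and one account logging on to many hosts within minutes (consistent with scripted deployment). The records are constructed and simplified from Windows Security event 4624 fields; the function names, the 10-minute window and the 4-host threshold are assumptions to tune per environment.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data: simplified fields of Windows Security event 4624
# (successful logon). LogonType 10 = RemoteInteractive (RDP), 3 = Network.
def ev(time, host, user, logon_type, src_ip):
    return {"time": datetime.fromisoformat("2018-01-20T" + time), "host": host,
            "user": user, "logon_type": logon_type, "src_ip": src_ip}

SAMPLE_EVENTS = [
    ev("09:02:11", "pc17", "alice", 10, "10.0.0.42"),     # ordinary RDP session
    ev("09:03:40", "fs01", "alice", 3, "10.0.0.42"),
    ev("02:10:00", "web01", "svc_app", 10, "127.0.0.1"),  # RDP arriving from loopback
    ev("02:14:05", "fs01", "svc_app", 3, "10.0.0.15"),
    ev("02:14:50", "db01", "svc_app", 3, "10.0.0.15"),
    ev("02:15:30", "hr02", "svc_app", 3, "10.0.0.15"),
    ev("02:16:10", "pc17", "svc_app", 3, "10.0.0.15"),
    ev("02:20:00", "pc18", "bob", 10, "-"),                # no usable source address
]

def tunneled_rdp(events):
    """Return RDP logons whose source address is loopback (heuristic for tunnelling)."""
    hits = []
    for e in events:
        if e["logon_type"] != 10:
            continue
        try:
            if ipaddress.ip_address(e["src_ip"]).is_loopback:
                hits.append(e)
        except ValueError:
            continue  # "-" or empty field: nothing to evaluate
    return hits

def fan_out(events, window=timedelta(minutes=10), min_hosts=4):
    """Return {user: hosts} for accounts with network logons to many hosts in one window."""
    by_user = defaultdict(list)
    for e in events:
        if e["logon_type"] == 3:
            by_user[e["user"]].append((e["time"], e["host"]))
    flagged = {}
    for user, logons in by_user.items():
        logons.sort()
        start = 0
        for end in range(len(logons)):
            while logons[end][0] - logons[start][0] > window:
                start += 1  # slide the window forward
            hosts = {h for _, h in logons[start:end + 1]}
            if len(hosts) >= min_hosts:
                flagged[user] = sorted(hosts)
                break
    return flagged
```

Both checks are heuristics: administrative jump hosts and software-deployment accounts can trigger them legitimately, so baseline those first.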
Thanks to all Steemians, and thanks to my followers.
Any suggestions, ideas or feedback welcome! @hamzaoui