Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security Technology

SamSam Ransomware Crew Made Nearly $6 Million From Ransom Payments (bleepingcomputer.com) 20

The SamSam ransomware, which if you remember was at play in an attack in Atlanta city earlier this year, has earned its creator(s) more than $5.9 million in ransom payments since late 2015, BleepingComputer reported Tuesday, citing what it called the most comprehensive report ever published on SamSam's activity. The report, it said, contains information since the ransomware's launch in late 2015 and up to attacks that have happened earlier this month. BleepingComputer: Compiled by UK cyber-security firm Sophos, the 47-page report is a result of researchers collecting data from past attacks, talking to victims, and data-mining public and private sources for SamSam samples that might have slipped through the cracks. In addition, Sophos researchers also partnered with blockchain & cryptocurrency monitoring firm Neutrino to track down transfers and relations between the different Bitcoin addresses the SamSam crew has used until now.

By tracking all the Bitcoin addresses researchers were able to find, Sophos says it identified at least 233 victims who paid a ransom to the SamSam crew, of which, 86 went public with the fact that they paid the ransom, allowing Sophos to create profiles about each of these victims. Researchers say that based on the data of these 86 victims, they were able to determine that around three-quarters of those who paid were located in the US, with some scattered victims located in the UK, Belgium, and Canada.

This discussion has been archived. No new comments can be posted.

SamSam Ransomware Crew Made Nearly $6 Million From Ransom Payments

Comments Filter:
  • Did they get their data back? Seems like it might be a "cheap" lesson to learn about backup/RESTORES and security.

    I've heard about some of these guys actually having a chat-room to help victims figure out how pay them in bitcoin and make sure the files are recovered. Nothing like an honest criminal -- OTOH you're more apt to pay them if it's well known you'll actually get your data back. "Thank you for volunteering to be a customer, please come again!"

    The FBI doesn't want you to pay them, because you
    • by Anonymous Coward

      In most all cases the ransom paid is far less than just about any other single cost the company would incur after being a victim.

      Physical losses
      Loss of data - in typical cases they know where your backups are and they encrypt those too (see part about they infiltrate, learn and then attack
      Loss of productivity - computers dont work, people cant work, stuff isnt made, stuff isnt shipped, orders are missed
      And thats just a small picture of the physical losses

      Then there is the cost of analysis and mitigation - 3

      • Thank you for that, Captain Obvious, but you didn't answer the main question - did they get their data back?

  • I am a firm believer that anybody involved in organized crime should be executed.

  • "The attacker or attackers use a variety of built-in Windows tools to escalate their own privileges, then scan the network for valuable targets .. All tools in this list are publicly available. Most of them are free open source software."

    The solution being to ban all this open source socalist software from the Intertubes :]

Whoever dies with the most toys wins.

Working...