Security Technology

SamSam Ransomware Crew Made Nearly $6 Million From Ransom Payments (bleepingcomputer.com) 20

The SamSam ransomware, which was used in an attack on the city of Atlanta earlier this year, has earned its creator(s) more than $5.9 million in ransom payments since late 2015, BleepingComputer reported Tuesday, citing what it called the most comprehensive report ever published on SamSam's activity. The report, it said, covers the period from the ransomware's launch in late 2015 up to attacks that happened earlier this month. BleepingComputer: Compiled by UK cyber-security firm Sophos, the 47-page report is a result of researchers collecting data from past attacks, talking to victims, and data-mining public and private sources for SamSam samples that might have slipped through the cracks. In addition, Sophos researchers also partnered with blockchain & cryptocurrency monitoring firm Neutrino to track down transfers and relations between the different Bitcoin addresses the SamSam crew has used until now.

By tracking all the Bitcoin addresses researchers were able to find, Sophos says it identified at least 233 victims who paid a ransom to the SamSam crew, of which, 86 went public with the fact that they paid the ransom, allowing Sophos to create profiles about each of these victims. Researchers say that based on the data of these 86 victims, they were able to determine that around three-quarters of those who paid were located in the US, with some scattered victims located in the UK, Belgium, and Canada.

This discussion has been archived. No new comments can be posted.

  • Did they get their data back? Seems like it might be a "cheap" lesson to learn about backup/RESTORES and security.

    I've heard about some of these guys actually having a chat-room to help victims figure out how to pay them in bitcoin and make sure the files are recovered. Nothing like an honest criminal -- OTOH you're more apt to pay them if it's well known you'll actually get your data back. "Thank you for volunteering to be a customer, please come again!"

    The FBI doesn't want you to pay them, because you
    • by Anonymous Coward

      In most all cases the ransom paid is far less than just about any other single cost the company would incur after being a victim.

      Physical losses
      Loss of data - in typical cases they know where your backups are and they encrypt those too (see part about they infiltrate, learn and then attack)
      Loss of productivity - computers don't work, people can't work, stuff isn't made, stuff isn't shipped, orders are missed
      And that's just a small picture of the physical losses

      Then there is the cost of analysis and mitigation - 3

      • Thank you for that, Captain Obvious, but you didn't answer the main question - did they get their data back?

  • I am a firm believer that anybody involved in organized crime should be executed.

  • "The attacker or attackers use a variety of built-in Windows tools to escalate their own privileges, then scan the network for valuable targets .. All tools in this list are publicly available. Most of them are free open source software."

    The solution being to ban all this open source socialist software from the Intertubes :]
