Thursday, December 6, 2018

SamSam Ransomware Actors Magnify Exploitation of Victim Network Vulnerabilities

This report is an update to previous Wapack Labs postings regarding the SamSam malware.  US federal authorities are providing current information about the vulnerabilities and exploits used to deploy SamSam ransomware, also known as MSIL/Samas.A.  This malware was being deployed by cyber criminals Mohammad Mehdi Shah Mansouri and Faramarz Shahi Savandi.  On 26 November 2018, the District of New Jersey indicted Mansouri and Savandi for developing and deploying SamSam ransomware.  SamSam infects whole networks and encrypts victim data, allowing Mansouri and Savandi to demand considerable ransoms in Bitcoin in return for decryption keys.

To read the full article and find an archive of related reporting, follow this link to READBOARD.