Ransomware has become a multimillion-dollar black market business for cybercriminals, and SamSam being a great example.
New research revealed that the SamSam ransomware had extorted nearly $6 million from its victims since December 2015, when the cyber gang behind the ransomware started distributing the malware in the wild.
Researchers at Sophos have tracked Bitcoin addresses owned by the attackers mentioned on ransom notes of each SamSam version and found the attackers have received more than $5.9 million from just 233 victims, and their profits are still on the rise, netting around $300,000 per month.
What makes SamSam stand out from other forms of ransomware is that SamSam is not distributed in an unplanned way via spam email campaigns; instead, attackers choose potential targets and infect systems manually.
Attackers first compromise the RDP on a targeted system—either by conducting brute force attack or using stolen credentials purchased from the dark web—and then attempt to strategically deploy SamSam ransomware throughout the network by exploiting vulnerabilities in other systems.
Read more: The Hacker News