- Deze whitepaper is alleen beschikbaar in het Engels -
After hundreds of hours of extensive research by SophosLabs, including original analysis, interviews, research, and more, and working side by side with cryptocurrency monitoring organization Neutrino, we have discovered that the notorious SamSam ransomware has caused far more harm than previously thought – totaling upwards of $6 million.
SophosLabs has uncovered a trove of information about the ransomware, which uses secretive, targeted attacks that differ from the splashy, messy, but effective methods large-scale ransomware attacks use. Rather than stealing money through many, many small transactions over a vast number of victims, SamSam uses targeted attacks by a skilled team or individual, causing maximum damage by tailoring the attack to each victim, with ransom demands in the tens of thousands of dollars.
SamSam has remained elusive, used stealthily and sparingly compared to over headline-grabbing ransomware attacks, undergoing several key evolutions over time. It is a very different sort of ransomware, used roughly once per day in one devastating, handcrafted attack.
The following paper reveals a host of new information on SamSam, examining how it works, how its spreads, how widespread it is – and why we have not, until now, known just how large an impact SamSam has had. We also follow the money, discovering previously unknown victims and payments. Lastly, we’ll discuss what you and your organization can do to guard against this sort of tailor-made, targeted attack.