SamSam Ransomware Demands Over $33,000 Ransom From Victims

Ransomware has been around for awhile but SamSam ransomware is relatively new to the scene: Consider yourselves warned. We’re used to seeing smaller ransoms for other strains but with SamSam, operators are demanding outrageous ransoms in exchange for decryption. 

As you know, businesses are a huge target for ransomware perpetrators. Without crucial data or access to systems, companies can take a major hit; they could even permanently fail. For that reason alone, many are willing to pay up for those huge ransoms rather than suffer through the costly disruption or failure.

Consumers, on the other hand, are less likely to have a few grand lying around to pay for ransoms that large. In the past, we’ve seen some smaller ransoms hit consumers - averaging around $600 - in exchange for their personal files, pictures and media. However, SamSam ransomware isn’t just asking for a few hundred bucks.

SamSam ransomware is asking for $33,000.

SamSam ransomware is written in C# and makes its way into a system through known, unpatched server vulnerabilities are exposed. Last year, two alerts were issued by the FBI after healthcare facilities were hit. 

"MSIL or Samas (SAMSAM) was used to compromise the networks of multiple US victims, including 2016 attacks on healthcare facilities that were running outdated versions of the JBoss content management application," says the FBI. "SAMSAM exploits vulnerable Java-based Web servers. SAMSAM uses open-source tools to identify and compile a list of hosts reporting to the victim's active directory."

"The actors then use psexec.exe to distribute the malware to each host on the network and encrypt most of the files on the system," added the FBI. "The actors charge varying amounts in Bitcoin to provide the decryption keys to the victim."

Once installed on one machine, it spreads to any other machine connected on the network. The ransoms are updated based on the scope of the infection. 

An article on ZDNet says, “If one machine has been infected, 1.7 Bitcoin (BTC), roughly $4,600, is demanded. If more machines are locked by the ransomware, half will be decrypted for 6 BTC ($16,400), and for all of them, a total of 12 BTC, or $32,800, is demanded.” 

With ransomware becoming more sophisticated by the day, it’s more crucial now than ever to have your backup system in place. 

Reevert was designed to protect Small and Medium Sized Businesses (SMBs) from ransomware. We offer a comprehensive, all-in-one backup and storage solution, designed from the ground up specifically to protect against ransomware and data loss. It features fast hourly snapshots, safeguards your data and backups, and allows extremely quick recoveries. Reevert can image servers and computers, protect network shares and local files and offers offsite Cloud replication.

Don’t pay up if ransomware hits. Restore your data with reevert and focus your attention on what matters: your business, not a ransom. 

Get your free trial of reevert today. 

Try Us

Free Trial    Watch Demo


For a hassle free 30 day trial, click the "Free Trial" button, download and deploy a copy of the appliance. No Credit Card required.