SamSam Ransomware: An Elusive Malware
Ransomware is one of the cruelest malware that target your machines and confidential information then ask for money against it. The frequent activities of ransomware these days have been enough to question online security and tools being sold at heavy prices. There is no ambiguity that it’s not just security programs that have evolved and upscaled with technology. Sadly, it is the same with ransomware and other malware that have grown with the help of technology and have become far more devastating. One of such malware is SamSam ransomware that has gone through an evolution to have a better grip over victim’s machine and information.
What is SamSam?
SamSam is has become more dangerous for your data and devices. Other malware infect our systems through malicious downloads from unprotected websites or anonymous emails. SamSam ransomware is driven by attackers, who use dedicated tools to identify the unpatched and unprotected systems online. Once the attackers get through your firewall of computers, they use other tools and scripts to gain credentials and successes of various information. Once a user’s machine is infected with a malware, it downloads additional malicious tools, which may include crypto ransomware.
SamSam is also different from other conventional malware as it doesn’t attack the victim’s machine through their way. Instead, the attackers or developers of SamSam ransomware generate the RSA key pair themselves. When the SamSam ransomware hits your machine, it would establish a communication with its command and control server. The command server would then generate an RSA key pair and would send the public key back to victim’s computer in order to encrypt files and information. Once the files have been locked, SamSam would ask for ransom in form of either money or cryptocurrencies like Bitcoin, Ethereum etc.
Also Read : BabaYaga: Malware That Removes Its Competition
Is SamSam evolving?
Although, most of the malware come and go with time as security agencies and antimalware organizations find their way out. However, SamSam is one of those few malware that have returned after evolving. It has become one of those variants of malware that are growing. Another reason for its rapid rate of attacks is its way of attacking machines, which differs from the way of conventional ransomware. The evolution of SamSam is inspired by the technique that attackers have employed to use dedicated tools that find out the unpatched security tools and the machine with no or minimum online security. Once the SamSam ransomware succeeds in invading a machine, other cyber criminals get motivated in evolving the malicious tools like it.
Overall, SamSam ransomware is not a new entry in the malware section but the new avatar of this tool may be more disastrous due to technological updates in it. If you have been using older versions of your antimalware tools, it is important that you check if you’ve got patches to download to update your tools. In case you do not have any security, program installed on your device, make sure you don’t entertain any anonymous email or attachment with it. Also, do not visit any insecure website or any webpage which do not have SSL certificate. If you know more about SamSam ransomware and wish to share your views on it, do let us know in the comments below.