The Samas Ransomware Group reportedly raked in an incredible amount of money this year using a different method than most malware authors.
$450,000. That’s how much money the Samas Group made spreading ransomware this year according to a report from Bleeping Computer. There are several well-known ransomware groups now that are making hundreds of thousands of dollars a year using the usual mass infection method, however Samas group took a different approach. In almost all cases, malware authors are looking to spread their ransomware to as many people as possible which gives them a greater chance of encryption and payout, which is the end goal. In the case of Locky, there are some days where millions of emails are sent out with malicious payloads. The greater the target area, the greater the payout in the end.
Samas group uses a different method that should scare companies using typical blacklist based antivirus. They use highly focused attacks on businesses and request large ransoms. This means they may be putting a lot of work into one attack to get a higher pay-day per infection. While taking this approach they would often adapt the ransomware for each target they were going to infect. Typical blacklist antivirus protection just can’t keep up with this approach because malware is only being used once.
PC Matic customers will be protected from this ransomware as it will not be on our whitelist. No matter how many times they tweak the ransomware it will remain unknown and thus blocked by our default deny approach. If you would like to learn more about PC Matic and our global whitelist protection click here. We also offer PC Matic Pro for business and government use, which you can read more about here.
Read the full report on Bleeping Computer’s website here.