SamSam malware puts 2,100 servers at risk of Ransomware attack

A new study by Cisco Talos revealed that more than about 2,100 servers across 1,600 different networks have been compromised. The research by Cisco security personnel shows that, ‘In past few months a ransomware campaign is going on which has changed the landscape of ransomware delivery.’

Cisco researchers discovered this SamSam malware last month; researchers find SamSam pretty different from the previous malwares – which encrypted data and demand ransoms. SamSam is not launched via user focused attack vectors, such as phishing campaigns and exploit kits.

This particular family seems to be dispense via compromising servers and using them as a foothold to move laterally through the network to compromise additional machines which are then held for ransom. The industries which may be targeted in coming days because of SamSam server attacks are; government departments, aviation companies, schools and universities.

According to the Cisco Talos blog post, “we scanned for machines that were already compromised and potentially waiting for a ransomware payload. We found just over 2,100 backdoors installed across nearly 1600 ip addresses.”

How to evade SamSam Malware from encrypting your data 

If you diagnose a webshell on your organization’s server; you need to act immediately and take proper steps to address the threat. 
  • Your first step should be to remove the external access of your server. This will give you time to respond and also prevent outside access to your servers. 
  • Second step should be re-imaging the systems and install the latest version of software. This is the best solution to prevent outside breach or access of your server. 
  • In case you failed to re-build totally, your only option left is to restore backup before the server was compromised. Then, update the server to the updated version before returning it to production. 
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What is ethical hacking and how you can start?

The world is relying on the internet increasingly every day. Banking, e-commerce, social media, and all manner of government and industrial systems are now...

The Lies of VPN Service Providers

Privacy, anonymity, and security is the main concern for an online user. Many VPN service providers claim that their service helps the user protect...

4 Easy Ways To Help Your Startup Stand Out

There has not been a time in modern history more competitive for new businesses than now. In some ways, this is a very good...

Top Suggestions To Minimize Cyber Attack Risks

The Cyber Protection and Cyber Attack definition play an important role in maintaining both global security and operational productivity due to the rapid proliferation...

LOOKING FOR HACKING RECIPES FORM THE PRO?

Then sign up for FREE to the ehacking’s exclusive group. You will get the exclusive tips/tricks, tutorials, webinars & courses that I ONLY share with my fellow on this exclusive newsletter.