New Variant of SamSam Ransomware Requires Password To Run Its Payload

A recently updated variant of the dangerous SamSam Ransomware comes with some notable features. Before the malicious payload runs on a targeted Windows computer, the operators of this malware must enter a password through the command line. After that, the threat starts encrypting specific file types saved on the victim’s machine. However, the newest version of SamSam Ransomware, a type of crypto-virus, cannot proliferate automatically and needs user intervention to invade a system and cause serious damage.

In the previous version, the ransomware payload spread along with malicious executables and infected a user’s machine when they double-clicked the file, which usually arrived as an attachment to a spam email. The updated version of SamSam Ransomware infects only specific computers that the cyber extortionists approve remotely through a command-and-control server; it then starts encrypting the user’s data and demands ransom money. Technically speaking, cyber security analysts are not able to test samples of SamSam Ransomware.

Since the malware cannot be executed on various systems simply by downloading it, researchers are unable to analyze the main payload of SamSam Ransomware. Hence, the latest update to this ransomware is considered a significant change for the cyber community. However, security investigators have identified some fundamental components that are required for a SamSam Ransomware intrusion and attack. The first is the direct involvement of the criminal hackers; the others are just a few computer files.

According to a recent research report, the file that contains the ransomware payload needs to be executed manually. The latest version of SamSam Ransomware is designed by a team of criminal hackers to run a ‘.NET’ file that decrypts an encrypted sub-file; the racketeers then enter the password remotely via the command-and-control server and execute the harmful bat files. What’s more interesting, the hackers responsible for this attack do not spread SamSam Ransomware through spam email campaigns or other standard but deceptive tactics.

Moreover, the sole intention of the operators of SamSam Ransomware is to hack into the networks and servers of organizations and then execute the payload of this recently updated file-encrypting virus in order to gain more significant benefits. Likewise, the password protection in this ransomware increases the chances of a successful intrusion and makes it harder for security researchers to decrypt the threat. According to security analysts, the password of SamSam Ransomware might only be obtained if the attack is intercepted during the intrusion.
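
Because the password is supplied on the command line, process-creation logs that record full command lines are one place it can be preserved for analysts. The following is an added example, not code from the article or from any SamSam research: it scans constructed records that use Sysmon Event ID 1 field names, and the thresholds, paths, file names and argument values are all assumptions made for illustration.

```python
import math
import re
import shlex
from collections import Counter

# Constructed Sysmon Event ID 1 style records; every path and argument is made up.
EVENTS = [
    {"UtcTime": "2018-04-02 03:14:05", "Image": r"C:\Tools\backup.exe",
     "CommandLine": r"C:\Tools\backup.exe C:\Data\archive",
     "ParentCommandLine": r'cmd.exe /c "C:\Scripts\nightly.bat"'},
    {"UtcTime": "2018-04-02 03:14:09", "Image": r"C:\Users\Public\runner.exe",
     "CommandLine": r"C:\Users\Public\runner.exe Xq7!pL2#vR9zTm4K",
     "ParentCommandLine": r'cmd.exe /c "C:\Users\Public\start.bat"'},
    {"UtcTime": "2018-04-02 03:15:30", "Image": r"C:\Tools\sync.exe",
     "CommandLine": r"C:\Tools\sync.exe a8F3kQ9zLm2XpR7t",
     "ParentCommandLine": r"C:\Windows\explorer.exe"},
]

def shannon_entropy(text):
    """Bits per character; random-looking strings score high."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())

def opaque_argument(command_line, min_len=12, min_entropy=3.5):
    """Return the sole argument if it looks like a key or password, else None."""
    try:
        tokens = shlex.split(command_line, posix=False)  # keeps backslashes intact
    except ValueError:                                   # unbalanced quotes
        tokens = command_line.split()
    if len(tokens) != 2:
        return None
    arg = tokens[1].strip('"')
    if len(arg) < min_len or arg.startswith("-") or any(c in arg for c in "\\/:"):
        return None                                      # switch, path or short word
    return arg if shannon_entropy(arg) >= min_entropy else None

def find_candidates(events):
    """Flag non-system executables started by a batch script with one opaque argument."""
    hits = []
    for ev in events:
        from_batch = re.search(r"\.(bat|cmd)\b", ev["ParentCommandLine"], re.I)
        system_image = ev["Image"].lower().startswith("c:\\windows\\")
        arg = opaque_argument(ev["CommandLine"])
        if from_batch and not system_image and arg:
            hits.append({"UtcTime": ev["UtcTime"], "Image": ev["Image"], "Argument": arg})
    return hits

if __name__ == "__main__":
    print(find_candidates(EVENTS))
```

A hit is a lead for triage rather than a verdict, and the preserved argument is only useful if command-line logging was enabled before the intrusion.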