SamSam Ransomware Comes Back To Target Hospitals

In the beginning of 2018, SamSam Ransomware made the headlines in Computer world. According the the malware researchers, the notorious code infected Computer of high-profile targets like hospital that paid $55,000. SamSam Ransomware is an old variant of Sams ransomware which attack was observed by malware researchers in 2015. The list of the victim of such a malware is really too much long and many of them were belongs to healthcare industry. Among the all victims of this ransomware there is MedStar non-profit group that manages 10 hospitals in Washington and Baltimore area. The cyber hackers behind attack on the MedStar requested about US$18,500 for restoring all locked files but organization refused to pay ransom fee just because it has backup of all locked data and file.

List of Hospitals Infected By SamSam Ransomware

Back to present in 2018, The hacking group behind the SamSam Ransomware targeted several high profile hospitals ICS, a city council form and many more. The reported SamSam Ransomware attacks include one against Adams Memorial Hospital in Decatur, Indiana, Hancock Health Hospital in Greenfield, Indiana, municipality of Farmington, New Mexico, an unnamed ICS company in US, cloud-based EHR provider Allscripts etc.

Unlike the the ransomware campaigns SamSam Ransomware, it also referred to Samas. On January 18th, 2018 the reported of Greenfield has published an article that provide details about the attack of SamSam Ransomware on Hancock Health hospital. The officials of this hospital are admitted that cyber hackers targeted more than 14,00 files and the name of each one is temporarily altered to “I’m sorry”. Hackers provide seven days time frame to pay files but no any patient were recorded.

Malicious Doings & Infiltration Ways of SamSam Ransomware

Despite of consensus, targeted users should not pay ransom fee to security experts under any circumstances. The CEO of Hancock health Steve Long admitted to pay ransom demanded fee by hackers, thus they paid 55,000 USD to regain access to its Systems. Similar to other ransomware attacks, SamSam Ransomware attacks also instruct user to pay ransom fee in BitCoin. According the the ransom note, the Hancock Health hospital has to pay 4 BTC ransom note in just 7 days otherwise they have to suffer with the permanent encryption.

Similar to traditional ransomware, SamSam Ransomware automatically penetrates inside Windows PC. It scans Internet for System with the open Remote Desktop Protocol connection and they break into network by brute-forcing RDP. To install such an infection inside Windows PC, hackers break into networks by brute-forcing RDP endpoints to spread to more PCs. Besides, it creators infected Windows system vis pirated software, bundling method, spam campaigns, junk mail attachments, P2P file sharing sources, torrent attackers, file sharing sources, infected game servers and many more. The developers of SamSam Ransomware always changes its way to infect PC but mainly spread via the Internet. Therefore, it is highly advised to pay attention while performing any online operation.

To delete SamSam Ransomware and other variant of ransomware, visit –

Leave a Comment

Your email address will not be published. Required fields are marked *