Thursday, April 24, 2025
HomeCyber Security NewsFBI and DHS issued Alert On Increase in SamSam Ransomware Attacks Targeted...

FBI and DHS issued Alert On Increase in SamSam Ransomware Attacks Targeted Multiple Industries

Published on

SIEM as a Service

Follow Us on Google News

FBI and DHS issued a joint alert on how to handle the SamSam ransomware attacks that targeted multiple industries.

The SamSam ransomware is highly active in 2018, it breaks down 67 different types of organization network across the world especially in the U.S.

Every time it evolves with improved sophisticated capabilities and carefully selected specific organizations such as hospitals, schools, and government sectors.

- Advertisement - Google News

The SamSam group makes extensive use of “living off the land” tactics: the use of operating system features or legitimate network administration tools to compromise victims’ networks.

Threat actors use exploits to gain persistent access to victim’s network and infect as much as possible, attackers either use brute force methods to gain access or through stolen login credentials.

According to the Symantec analysis, out of 67 primarily targeted attacks, 56 were located in the U.S. A small number of attacks were logged in Portugal, France, Australia, Ireland, and Israel.

The advisory comes out after two Iranian Men Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27 charged for deploying Sophisticated SamSam Ransomware on various public sectors, Hospitals, Municipalities that caused $30 million damages and huge information loss.

Once SamSam ransomware encrypted all the files then it leaves ransom notes on the computer and direct victim’s to establish a connection over Tor hidden site to make ransom payment in bitcoin and once payment has done victims will receive instructions to decrypt the files.

DHS and FBI recommend mitigation for users and administrators to strengthen the security posture of their organization’s systems.

Here you can see Ransomware Attack Response and Mitigation Checklist.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Redis DoS Flaw Allows Attackers to Crash Servers or Drain Memory

A high-severity denial-of-service (DoS) vulnerability in Redis, tracked as CVE-2025-21605, allows unauthenticated attackers to crash...

Google Warns: Threat Actors Growing More Sophisticated, Exploiting Zero-Day Vulnerabilities

Google’s Mandiant team has released its M-Trends 2025 report, highlighting the increasing sophistication of...

Critical Langflow Flaw Enables Malicious Code Injection – Technical Breakdown Released

A critical remote code execution (RCE) vulnerability, identified as CVE-2025-3248 with a CVSS score...

GitLab Releases Critical Patch for XSS, DoS, and Account Takeover Bugs

GitLab, a leading DevOps platform, has released a critical security patch impacting both its...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Redis DoS Flaw Allows Attackers to Crash Servers or Drain Memory

A high-severity denial-of-service (DoS) vulnerability in Redis, tracked as CVE-2025-21605, allows unauthenticated attackers to crash...

Google Warns: Threat Actors Growing More Sophisticated, Exploiting Zero-Day Vulnerabilities

Google’s Mandiant team has released its M-Trends 2025 report, highlighting the increasing sophistication of...

Critical Langflow Flaw Enables Malicious Code Injection – Technical Breakdown Released

A critical remote code execution (RCE) vulnerability, identified as CVE-2025-3248 with a CVSS score...