Unlike most ransomware out there, which focuses mainly on encrypting local files, Samas spreads inside the entire network to encrypt files on every server and computer, the researchers say. This operation is performed in three steps: the attackers steal domain credentials, identify targets via Active Directory reconnaissance, and then move laterally through the network.
- Ransomware – Simple Steps to Online Safety Video Podcast
- Ransomware Targeting WordPress – An Emerging Threat Digest Article
- SyncCrypt Ransomware Hides Inside JPG Files, Appends .KK Extension Digest Article
- The Devil Targets Japan with Bad Rabbit-like Wiper-Ransomware Digest Article
- Windows 10 to Get Built-in Protection Against Most Ransomware Attacks Digest Article