Site icon Check Point Blog

Check Point Threat Alert: SamSam and Maktub Ransomware Evolution

Executive Summary

New and evolving ransomware campaigns, dubbed ‘SamSam’ and ‘Maktub’, use techniques not commonly observed in previously known ransomware. SamSam spreads by targeting and infecting servers that contain unpatched vulnerabilities. Maktub and Samsam do not communicate with a C&C server to encrypt files on an infected computer. SamSam’s primary target is the healthcare industry.

 

Description

 

Check Point Protections

 

Figure 1 – Samsam’s ransom message

 

Figure 2 – Maktub’s ransom message

 

Additional Technical References

Exit mobile version