SAMSAM

GPTKB entity

Statements (32)
Predicate Object
gptkbp:instanceOf ransomware family
gptkbp:alsoKnownAs gptkb:SamSam
Samas
gptkbp:customizedAttacks yes
gptkbp:encryption gptkb:RSA
gptkb:AES
gptkbp:enemyOf ransomware attack
gptkbp:estimatedDamage over $30 million
gptkbp:firstObserved 2015
https://www.w3.org/2000/01/rdf-schema#label SAMSAM
gptkbp:interruptedBy gptkb:US_Department_of_Justice
gptkbp:notableEvent City of Atlanta ransomware attack (2018)
gptkbp:notableFor 2016
2017
2018
gptkbp:notableVictim gptkb:government_agency
educational institutions
healthcare organizations
municipalities
gptkbp:perpetrator gptkb:Iranian
gptkbp:perpetratorArrested 2018
gptkbp:ransomDemanded gptkb:Bitcoin
gptkbp:spreadTo manual deployment
gptkbp:supportsLanguage English
gptkbp:target Microsoft Windows systems
gptkbp:targetedAttack yes
gptkbp:usesMalware crypto-ransomware
gptkbp:vectorFor brute-force attacks on RDP
exploiting unpatched vulnerabilities
stolen credentials
gptkbp:bfsParent gptkb:YG_Plus
gptkbp:bfsLayer 7