SamSam caused an aggregate loss of over 30 million US dollars, adversely affecting over 200 educational institutions and hospitals.
During the two-and-a-half-year period between 2015 and September 2018, the SamSam ransomware hit the headlines for duping several targets, primarily in the US and UK.
The malware encrypted the victims' systems, and a decryption key was provided only when the victim paid these miscreants a ransom in Bitcoin.
Apparently, the schemers were working under the notion that cryptocurrency is untraceable. That is something the FBI has proved to be nothing short of a myth. In addition, this investigation also throws light on how even dark web services can be traced.
FBI’s Findings
The FBI has recently managed to gather enough evidence to have the two SamSam conspirators indicted. Mohammad Mehdi Shah Mansour, aged 27, and Faramarz Shahi Savandi, aged 34, have been accused in this case. They reportedly operated from Iran, where they currently reside.
Despite the territorial limitations, the FBI has clearly stated its intent to pursue these miscreants.
Amy Hess, the Executive Assistant Director for the FBI, said:
“Regardless of where a criminal resides, we will pursue. We will make traveling, business relations, and networking painful for those who commit these acts. We will stay on the case, and we will catch them when they slip up.”
The Indictment
The accused, Mohammad Mehdi Shah Mansour and Faramarz Shahi Savandi, were indicted on 26th November 2018 by a federal jury sitting in the District Court of New Jersey.
Charges faced by the miscreants include conspiracy to commit fraud, conspiracy to commit wire fraud, intentional damage to protected computers and demands for ransom in order to refrain from destroying encrypted data on a protected computer.
The two accused in the SamSam ransomware conspiracy allegedly stashed away over 6 million US dollars. Since certain businesses ran online or had their centralized data centers under siege, they seem to have succumbed to the demands.
The miscreants had adequately planned their moves and targeted healthcare, transportation, and similar organizations by encrypting their data, then offering a decryption key within a limited timeframe for a certain amount of ransom, which was to be paid in Bitcoin.