The FBI Needs Help Combating A New Strain Of Ransomware

According to the Reuters global news wire, the Federal Bureau of Intelligence has reached out to cyber security experts over the long Easter weekend for help in fighting a new strain of ransomware.

This post originally appeared on Kotaku.

The strain is supposedly called MSIL/Samas.A, which encrypts the victim's files and then demands payment in the form of bitcoins or various international bank transfers before the data is unlocked.

The FBI sent out a notice over their FBI Liaison Alert System (FLASH) on Saturday Australian time. The latest strain tries to encrypt data over entire networks rather than individual computers, making it vastly more dangerous than existing ransomware.

It comes after the largest healthcare provider in Washington D.C. and Maryland, MedStar Health, was forced to take down "all system interfaces" following a ransomware attack. "The organisation has moved to back-up systems and] paper transactions where necessary," MedStar's statement read, as reported by CSO Online.

The latest report from the FBI about MSIL/Samas.A said that a software suite called JexBoss was being used to automatically find vulnerable systems, which could then be used to remotely install ransomware across the compromised network.



    One of our client recently fell prey to this when they opened the attachment on a fake email. Unfortunately as it is a SMB she had local admin and access to all the data shares on there server so it went through and encrypted a ton of files on the server.
    2 days later we had them back up and running but it was not fun.

    Moral of the story is don't open emails unless you know the sender............
    also don't give your users local admin as most of these require it to run.

    Finally one last tidbit is that we have found malewarebytes seems to be the best for detecting and eradicating these nasties.

Join the discussion!