March 29, 2016 by

FBI Puts out Ransomware Alert Seeking Help from Companies, Researchers

The FBI has put out an alert seeking help from businesses and security experts for emergency assistance in a ransomware investigation. The ransomware virus is a new strain called MSIL/Samas.A.

The alert was obtained by Reuters who revealed that the FBI stated in a confidential “Flash” advisory: “We need your help!”. The alert was issued on Friday, March 25 and focused on a new strain of ransomware called MSIL/Samas.A.

The FBI first reported on the ransomware back in Feb 18 that did not seek help the way the latest alert did. The strain of ransomware was particularly targeting out-of-date versions of a certain type of business software called JBOSS.

The alert stated that the newly discovered ransomware sought to encrypt data on entire networks. This is a staggeringly gloomy prospect, since ransomware normally targets individual computers, rather than entire networks of them.

The alert came with a plea, asking recipients who were businesses and software security experts for “emergency assistance” in an investigation by the FBI into the new malware.

The plea sought recipients to immediately reach out to the FBI’s CYWATCH cyber center division if they discovered any evidence of an attack involving the ransomware. The same applies for any information or knowledge about the ransomware scavenged by security researchers.

The latest report revealed that FBI investigators determined that the malicious hackers deploying the ransomware and initially making use of JexBoss, a software tool used to automatically discover any vulnerable JBOSS-running networks. Once determined, a ransomware attack is launched, allowing the hackers to remotely install ransomware onto the computers.

The FBI also included a list of technical indicators to aid companies in determining if they were victims of such an attack. The advisory further stated:

The FBI is distributing these indicators to enable network defense activities and reduce the risk of similar attacks in the future.

Companies and businesses that rely on computers for critical functions are those hit hardest by ransomware, because cybercriminals know the importance of computers in the day-to-day business activities of such businesses. For instance, hospitals and police have notably paid ransoms in recent times in order to recover data that is essential for their professions.

Image credit: Wikimedia.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Robots are Now Vulnerable to Ransomware Attacks

Security researchers have put the spotlight on malware affecting humanoid robots with the first...

Read more arrow_forward

Free Decryption Tool Brings Respite to Victims of Aggressive Ransomware

A new and unusual family of ransomware has met its match after a ransomware tool backed by Europol...

Read more arrow_forward

Ransomware is ‘Modern-Day Extortion’, Says McAfee CEO

The chief executive of cybersecurity firm McAfee has labelled ransomware as the modern day answer to...

Read more arrow_forward