March 29, 2016 by

FBI Puts out Ransomware Alert Seeking Help from Companies, Researchers

The FBI has put out an alert seeking help from businesses and security experts for emergency assistance in a ransomware investigation. The ransomware virus is a new strain called MSIL/Samas.A.

The alert was obtained by Reuters who revealed that the FBI stated in a confidential “Flash” advisory: “We need your help!”. The alert was issued on Friday, March 25 and focused on a new strain of ransomware called MSIL/Samas.A.

The FBI first reported on the ransomware back in Feb 18 that did not seek help the way the latest alert did. The strain of ransomware was particularly targeting out-of-date versions of a certain type of business software called JBOSS.

The alert stated that the newly discovered ransomware sought to encrypt data on entire networks. This is a staggeringly gloomy prospect, since ransomware normally targets individual computers, rather than entire networks of them.

The alert came with a plea, asking recipients who were businesses and software security experts for “emergency assistance” in an investigation by the FBI into the new malware.

The plea sought recipients to immediately reach out to the FBI’s CYWATCH cyber center division if they discovered any evidence of an attack involving the ransomware. The same applies for any information or knowledge about the ransomware scavenged by security researchers.

The latest report revealed that FBI investigators determined that the malicious hackers deploying the ransomware and initially making use of JexBoss, a software tool used to automatically discover any vulnerable JBOSS-running networks. Once determined, a ransomware attack is launched, allowing the hackers to remotely install ransomware onto the computers.

The FBI also included a list of technical indicators to aid companies in determining if they were victims of such an attack. The advisory further stated:

The FBI is distributing these indicators to enable network defense activities and reduce the risk of similar attacks in the future.

Companies and businesses that rely on computers for critical functions are those hit hardest by ransomware, because cybercriminals know the importance of computers in the day-to-day business activities of such businesses. For instance, hospitals and police have notably paid ransoms in recent times in order to recover data that is essential for their professions.

Image credit: Wikimedia.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

26% of Ransomware Attacks Target Corporate Businesses

New research from Kaspersky Lab has revealed that the number of ransomware attacks targeting...

Read more arrow_forward

Ransomware Payments to Hit a Record $2 Billion in 2017: Research

According to new research from a cybersecurity firm, ransomware payments will hit a high of $2...

Read more arrow_forward

UK Govt Blames North Korea for WannaCry Ransomware CyberAttack

  The UK government has blamed North Korea for WannaCry - the comprehensive ransomware...

Read more arrow_forward