You may remember back in August 2018 we reported about SamSam ransomware, targeting public and private sector organisations around the world.
This week, two Iranian men have been charged for the alleged deployment of the malicious software, infecting more than 200 victims – mainly in the US and Canada.
According to the six-count FBI indictment, 27-year-old Mohammad Mehdi Shah Mansouri and 34-year-old Faramarz Shahi Savandi are thought to have earned more than $6m in victim payments since their campaign started in December 2015.
The pair are accused of using either brute force attacks or stolen credentials to infect servers and once users discovered their computers were encrypted, they were instructed to make Bitcoin payments through a Tor hidden site. After payment was made, they would be sent tools to help decrypt their network.