Ransomware Alert in Southern California


MSIL/Samas.A (Samas), is a new and sophisticated variant of ransomware used in several significant ransomware attacks affecting medium and large‐sized critical infrastructure organizations in Southern California. Ransomware is a family of malicious software (malware) that locks the user’s system by encrypting the compromised user’s files and demands the user pay a ransom in Bitcoin digital currency to unlock the files.  Extremely successful ransomware campaigns have led to an evolution of malware that targets larger organizations with valuable corporate data in an effort to demand larger ransoms.

Samas does not use typical ransomware tactics such as phishing emails or drive‐by downloads; rather, it uses traditional hacking techniques to take advantage of vulnerabilities and gain access to victims’ networks.

Follow the link below to see if your JBoss installation is at risk: