Sophos researchers have published a report on the modus operandi of ransomware-type malware known as SamSam. According to these researchers, the malware, which would have been operating since December 2015, would have obtained $6 million through extortion.
According to the report, this malware would have achieved this amount targeting mainly high-profile victims, almost all in the United States, through more targeted attacks and more substantial extortions, and avoiding mass campaigns.
In addition, researchers also conclude that behind this malware could be a single person, since its development is quite uniform in terms of the use of expressions and language, and also nothing has been leaked regarding the authorship of it, something much more difficult when there are several people involved. Author's caution also influences the development of this, due the different known versions are focused on increasing security measures.