SamSam may not be the most well known ransomware group, but they triggered a pivotal change when then began operations at the end of 2015. Over the course of nearly 3 years they demonstrated the profitability of extorting businesses instead of consumers and paved the path from $1000 ransom demands to the astronimical sums we see today. Allegedly operating from Iran they demonstrated sanctions evasion, the use of LOLbins and tested the waters for what amounts could be extorted from Western businesses. This podcast explores their operations and explains how they changed the ransomware landscape.

US Department of Justice indictment, wanted poster and victim list