Ransomware gang CheckMate quietly targeting popular file-sharing protocol SMB
Discovered in 2022, it is believed that CheckMate has links to Russia.
According to Cybernews’ research, CheckMate ransomware operators have been conducting operations by targeting weakly protected Server Message Block (SMB) communication protocol used for file sharing to compromise its targets’ networks.
However, unlike other ransomware gangs, CheckMate does not operate data leak websites or brag about its victims.
Source: Cybernews.
Though enough evidence is not available on the average ransom amount the gang demands from its victims, some publicly shared information indicates that it demands around $15,000 for the decryptor. A recent report by the cybersecurity firm Coveware, states that the average ransom payments received by Checkmate in the last quarter of 2022 were over $400,000.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.