Ransomware gang CheckMate quietly targeting popular file-sharing protocol SMB
Discovered in 2022, it is believed that CheckMate has links to Russia.
According to Cybernews’ research, CheckMate ransomware operators have been conducting operations by targeting weakly protected Server Message Block (SMB) communication protocol used for file sharing to compromise its targets’ networks.
However, unlike other ransomware gangs, CheckMate does not operate data leak websites or brag about its victims.
Source: Cybernews.
Though enough evidence is not available on the average ransom amount the gang demands from its victims, some publicly shared information indicates that it demands around $15,000 for the decryptor. A recent report by the cybersecurity firm Coveware, states that the average ransom payments received by Checkmate in the last quarter of 2022 were over $400,000.