Friday, January 13th, 2017
New Sophisticated Ransomware: Spora
There’s a new ransomware in town and it’s designed to be very easy to use. It’s called Spora and it is no different than the ransomware we have heard about these past few years. It infects a system, encrypts its files and then the attackers demand a ransom. However, Spora has some unique characteristics as well.
Firstly, it can encrypt files without having to contact a command-and-control (CnC) server. The malware uses a hard-coded RSA public key, but only to encrypt a unique AES key that is locally generated for every victim.This AES key is then used to encrypt the private key from a public-private RSA key pair that’s also locally generated and unique for every victim. Then, the victim’s public RSA key is used to encrypt the AES keys that are used to encrypt individual files.
There is another way in which Spora stands out from the crowd and that is its payment system. The payment system looks like this:
The creators of Spora have created a system that allows the victims to upload the unique encryption key used to lock their files and fork over a Bitcoin payment. They even provide them with an array of different recovery options. They offer different payment options and the prices are cheaper than other malware infections.
If you want to learn more about securing your network from malware like Spora, please contact our security experts!
Contact Us
The data you supply here will not be added to any mailing list or given to any third party providers without further consent. View our Privacy Policy for more information.