Spora virus is a new crypto-ransomware that sets out to prove there are never too many layers of encryption when it comes to locking users’ personal data. To make sure the victims have no chance of recovering their files, the hackers doubly encrypt the key that unlocks the data. This means that even for the experts, it will be impossible to bypass the malicious ciphering or extract the decryption key from the program’s source code. This virus is truly an unpleasant surprise that the hackers have prepared for their return after the winter holidays. Fortunately, it encrypts only a few types of files. Nevertheless, the ones that have made it onto its target list are fundamental: Office documents, PDF files, images, backups, and archives. Interestingly, unlike most ransomware, this virus does not append any extensions to the encrypted files, and all of the files remain intact in their folders.
Is it possible that Spora will be the next Locky or Cerber of 2017? What we already know about this cyber infection points strongly towards this possibility. In fact, Spora’s sudden appearance and rapid distribution are very similar to what we witnessed with Locky back in 2016. If the virus keeps up the same pace, we will undoubtedly see it reaching the level of the most notorious ransomware viruses and even surpassing it. Among the factors that add significantly to the growing spread of this virus are its well-established distribution techniques and payment system. The virus is deployed on the victims’ computers as an obfuscated HTA executable which the hackers deliver as a deceptive email attachment. When the victims run this file, the virus automatically downloads the malicious payload and immediately begins data encryption that does not stop even if the infected device is offline.
To stop Spora from claiming the throne of this year’s most dangerous ransomware, you should immediately take measures to properly protect your computer as well as inform your less tech-savvy friends about the dangers of ransomware attacks.
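One protective measure targets the delivery step described above: quarantining mail that carries an HTA attachment before it reaches the user. The sketch below is an added example, not part of the original article; the function names, addresses and file names are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED_EXT = (".hta",)               # the carrier format named in the article
BLOCKED_TYPES = {"application/hta"}   # MIME type registered for HTA files

def normalise(name):
    # Compare case-insensitively and drop trailing dots/spaces, which
    # Windows discards when the file name is resolved.
    return name.strip().rstrip(". ").lower()

def hta_attachments(raw_bytes):
    """Return [(filename, reason)] for each HTA part of a raw message."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    hits = []
    # walk() also descends into forwarded (message/rfc822) parts.
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = normalise(part.get_filename() or "")
        if name.endswith(BLOCKED_EXT):
            hits.append((name, "extension"))
        elif part.get_content_type() in BLOCKED_TYPES:
            hits.append((name or "<unnamed>", "content-type"))
    return hits

def build_sample():
    # Constructed message; attachment bodies are harmless placeholders.
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Invoice"
    msg.set_content("See attached.")
    msg.add_attachment(b"placeholder", maintype="application",
                       subtype="octet-stream", filename="Invoice.PDF.hta.")
    msg.add_attachment(b"placeholder", maintype="application",
                       subtype="hta", filename="scan.dat")
    msg.add_attachment(b"%PDF-1.4", maintype="application",
                       subtype="pdf", filename="terms.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reason in hta_attachments(build_sample()):
        print(f"quarantine: {name} (matched on {reason})")
```

The check keys on the final extension after normalisation and on the declared content type, so it catches both the misleadingly named attachment and the mislabelled one in the sample while leaving the PDF alone.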