This ransomware was discovered in January 2017, and distinguishes itself from similar threats by a few features, such as the option to work offline, and a ransom payment portal that uses “credits” to manage Bitcoin fees. It has a very well-designed ransom payment portal, customer support and a real-time chat window where victims can get in contact with ransomware operators.
Distinctive feature of the Spora operators is the fact that they have been very indulgent to victims that could not pay the ransom, often offering to extend or even disable the payment deadline altogether.
Furthermore, discounts, free decryptions of important files and deadline extensions had been offered for people who were willing to leave a review of their support service on the Bleeping Computer, Spora ransomware thread. The reason why the Spora crew asks customers for reviews is for other victims to read about their story and feel confident that if they pay, they will receive their files back.
The criminals behind this ransomware operation consider themselves “professionals” and appear to have considerable experience in running ransomware campaigns, according to BleepingComputer.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now