Ransomware quickly rose to become the biggest software security threat of 2016. Its meteoric rise as the cybercriminals’ malware of choice was so rapid, the number of ransomware victims increased by a shocking 550 percent last year alone.
One thing about ransomware that’s so appealing to cybercriminals, aside from its profitability, is its adaptability. It’s constantly evolving, as cybercriminals change their code to suit their needs and to elude security software. In fact, in a quarter of 2016 alone, 2,900 modifications to different ransomware variants were detected by security researchers.
One ransomware variant discovered recently may have a new trick or two up its sleeves. Nicknamed Spora, this new malware doesn’t rename the files it encrypts but instead, drops a sleek HTML-based ransom note and a .KEY file with a unique user ID assigned to the victim.
If you proceed with your user ID on the ransom note, you will be taken to a professionally designed website and will be offered two “packages.”
The first option offers a relatively low payment for recovering your files. The second package offers to unlock your files, remove the ransomware and, here’s the fresh twist, grants you immunity from any future Spora attacks. This is certainly a first in ransomware attacks.
Another advanced feature of Spora, which was apparently just added recently, is offline encryption. This is similar to the upgrade the RAA ransomware received last year.
Traditionally, ransomware communicates to its Command and Control (C&C) servers to get the encryption keys used to lock the victim’s files. If security software can detect and block this transmission then the ransomware’s damage can be contained even after an infection.
With offline encryption, ransomware like Spora can begin encrypting files as soon as it infects a victim’s computer since it doesn’t rely on C&C communication. This also means that even offline machines can have their files locked and encrypted.
This is certainly a troubling new feature since it leaves the victim and even security software with no time to spare.
Protect yourself against Spora
As you can see, ransomware is constantly evolving and cybercriminals are always finding new ways to be a step ahead and elude security software.
Aside from being extremely careful with attachments, files and links plus having updated anti-malware software installed in your computer, the best protection against ransomware is still having an external backup of your important files.
Look into backing up on an external drive at the very least. This way, you could just easily restore your important files from your offsite backup if you ever get hit by any ransomware variant.