Security researchers have spotted the next evolution of ransomware. It's called Spora, and it's been designed to be as easy-to-use as the online stores you frequent. Maybe even easier.
At its core, Spora is no different than the innumerable different strains of ransomware that have plagued consumers and institutions for years. Once a system has been infected it looks for certain types of files, encrypts them, and then demands payment for their safe return.
There are several things that set Spora apart, however. For starters, it can still function if your computer is offline. Even if you quickly realize that you've fallen victim to a phishing attack and disconnect from the Internet, your files can still be encrypted.
Spora is also intelligent enough to leave files in certain important folders untouched. Why? Because its creators know that if a computer is unable to boot normally that their chances of extracting payment from a victim decrease dramatically.
The security researchers at Emsisoft also haven't found any holes in Spora's encryption routines. Spora has been coded with a great deal of care -- not shoddily assembled in a rushed attempt to extort a few extra dollars.
Then there's the payment system. This is where Spora clearly distinguishes itself from the rest of the pack. Here's what it looks like:
Spora's creators have made it easy for victims to upload the unique encryption key used to lock their files and fork over a Bitcoin payment. They even thoughtfully provide victims with an array of different recovery options.
They'll restore two files free of charge, which isn't a unique feature. Victims can also pay to restore only specific files for $30 each -- which might give you an inexpensive out if, say, a full-disk backup is among your encrypted files.
A complete restore is priced at $79, and there are two more options that most victims would probably find very appealing. The Spora infection can be removed for an additional $20.
Want to make sure you never get another Spora infection? Just cough up another $50. Compared to the average payout to a Windows tech support scammer, Spora's prices look like a pretty good bargain.
Bleeping Computer's report notes that Spora is currently only targeting Russian speakers. It's only a matter of time before they cast a much wider net.
