create account

Spora Adds a Wretched New Feature to Ransomware by mrosenquist

View this thread on: hive.blogpeakd.comecency.com
security · @mrosenquist ·
$4.34
Spora Adds a Wretched New Feature to Ransomware
<html>
<p><img src="https://i.imgsafe.org/6f89af063e.png" width="650" height="554"/></p>
<p>Spora, a <a href="http://blog.emsisoft.com/2017/01/10/from-darknet-with-love-meet-spora-ransomware/">new ransomware variant</a> recently discovered, has emerged with advanced features which will cause problems for security solutions working to protect against this type of malware. &nbsp;&nbsp;&nbsp;</p>
<p>I was afraid of this. The motivation and resources are driving attackers to innovate too quickly. Malware and security developers are in a constant race to outmaneuver each other. &nbsp;Ransomware has been a troublesome problem and it is getting progressively worse. Only recently have some security tools been able to zero in on a possible dependency, that resides in most ransomware, to become more effective against this rising scourge. Then the game changes again. &nbsp;&nbsp;&nbsp;</p>
<p>Basically, most ransomware calls back to a Command and Control (C2) site run by the attacker, to get an encryption key that will lock the victim’s files. It happens after the infection, but before any significant damage is done. This was a known point-of-weakness that anti-ransomware/malware security solutions could take advantage of. Looking for this call is a way to detect infections. If the transmission of the0 key can be blocked, the ransomware tends to just sit and patiently wait. This gives time for the security tools to sweep in and eradicate the infection. &nbsp;&nbsp;</p>
<p>Well, no more. Spora has implemented off-line encryption. Spora bypasses the need to call-home for an encryption key and can immediately begin file encryption once it gains a foothold on the target system. It has a few other features, but none more concerning than the offline encryption capability. &nbsp;&nbsp;&nbsp;</p>
<p>This evolutionary change was expected, but we all hoped it would take longer before the ransomware writers would successfully develop and implement such a feature. I expect other ransomware suites to follow suit, as this is a big step forward for the attackers. &nbsp;&nbsp;&nbsp;</p>
<p>Well my security colleagues, it is time to ramp-up our innovation. Let’s get cracking! &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</p>
<p><br></p>
<p>Interested in more? Follow me on <a href="http://twitter.com/Matt_Rosenquist">Twitter (@Matt_Rosenquist)</a>, <a href="http://steemit.com/@mrosenquist">Steemit</a>, and <a href="http://www.linkedin.com/today/author/matthewrosenquist">LinkedIn</a> to hear insights and what is going on in cybersecurity.</p>
</html>
👍  , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , and 25 others
properties (23)
authormrosenquist
permlinkspora-adds-a-wretched-new-feature-to-ransomware
categorysecurity
json_metadata{"tags":["security","life","news","technology"],"image":["https://i.imgsafe.org/6f89af063e.png"],"links":["http://blog.emsisoft.com/2017/01/10/from-darknet-with-love-meet-spora-ransomware/","http://twitter.com/Matt_Rosenquist","http://steemit.com/@mrosenquist","http://www.linkedin.com/today/author/matthewrosenquist"],"app":"steemit/0.1","format":"html"}
created2017-01-12 03:34:54
last_update2017-01-12 03:34:54
depth0
children2
last_payout2017-02-12 04:34:24
cashout_time1969-12-31 23:59:59
total_payout_value3.598 HBD
curator_payout_value0.738 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length2,551
author_reputation178,405,687,597,634
root_title"Spora Adds a Wretched New Feature to Ransomware"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id2,225,734
net_rshares24,601,866,598,097
author_curate_reward""
vote details (89)
@maven · 
@mrosenquist, the evolution of crypto lockers is both amazingly fast and amazingly frightening. thanks for the information about Spora.

I would like to take the opportunity to let you know the Maven Guild, focused on promoting and organically growing the social influencers of Steemit have, upvoted and resteemed this piece and featured it on both [Twitter](https://twitter.com/SteemInfluence) and [Facebook](https://www.facebook.com/socialinfluencersofsteemit/).
👍  
properties (23)
authormaven
permlinkre-mrosenquist-spora-adds-a-wretched-new-feature-to-ransomware-20170112t060003300z
categorysecurity
json_metadata{"tags":["security"],"users":["mrosenquist"],"links":["https://twitter.com/SteemInfluence","https://www.facebook.com/socialinfluencersofsteemit/"],"app":"steemit/0.1"}
created2017-01-12 05:59:39
last_update2017-01-12 05:59:39
depth1
children1
last_payout2017-02-12 04:34:24
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length464
author_reputation791,055,014,931
root_title"Spora Adds a Wretched New Feature to Ransomware"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id2,226,427
net_rshares73,639,965,835
author_curate_reward""
vote details (1)
@mrosenquist · 
Thanks @maven!  Ransomware continues to be a blight on modern computing.
properties (22)
authormrosenquist
permlinkre-maven-re-mrosenquist-spora-adds-a-wretched-new-feature-to-ransomware-20170112t161456630z
categorysecurity
json_metadata{"tags":["security"],"users":["maven"],"app":"steemit/0.1"}
created2017-01-12 16:14:57
last_update2017-01-12 16:14:57
depth2
children0
last_payout2017-02-12 04:34:24
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length72
author_reputation178,405,687,597,634
root_title"Spora Adds a Wretched New Feature to Ransomware"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id2,229,385
net_rshares0
Help/Feedback