Spora ransomware surprises with an excellent support service

Newly discovered Spora ransomware still is a hot discussion topic in the online community. Indeed, it’s not a regular file-encrypting virus which simply encrypts files, provides a brief ransom note and leaves victims on their own to figure out what do now. It seems this traditional description does not go along when talking about Spora and their support service[1]. The developers created a sophisticated and well-design ransom payment website which offers several unique and helpful services for the victims. For instance, victims can purchase virus removal or immunity from the ransomware services. However, the most significant feature is real-time chat window which allows communicating with hackers directly. It seems that developers of the ransomware take full attention to providing the best support service people have ever had. The online community keeps discussing about friendly hackers who gave a discount or provided a free decryption for some positive reviews and comments on websites or forums. However, it’s nothing more than marketing.

Spora ransomware provides an excellent support service

Malware researchers noticed that the Spora ransom payment website differs from others because of the spectrum of offered applications. Victims can choose what services they need: to remove the virus, restore files, get immunity from other ransomware attacks or get a full package of these services. This clearly shows how ransomware business evolves[2] and grows. Another significant feature is a real-chat window. We could expect that hackers do not respond to the messages or are not willing to help with victims. However, hackers take support service seriously[3]. People claim that conversations with hackers might lead to extended ransom payment deadline, discounts or even free decryption option. Supplications may not help; however, writing positive comments on forums may help. Indeed, the developers ask victims to leave reviews and feedback on Spora support services. It’s nothing else than a word of mouth advertising[4] which helps to build trust in developers. It seems that people who created this ransomware is not only a great programmers but have some knowledge in marketing as well.

Many people look for information on various forums and websites what to do after ransomware attack – remove the virus and lose the files or pay the ransom? Cyber security experts always give the same advice[5] and discourage from transferring Bitcoins. However, people who do not have data backups have lots of doubts. Seeing positive reviews on the shady hackers’ service, reading others experiences on how they got a discount, and other nice words about developers encourages victims to do the same. In this way, hackers raised their chances to swindle more money by simply… being nice. We cannot argue, it’s a smart technique to grow this illegal business. Instead of playing with people fears to lose files, cyber criminals show the human side and gives a hand. However, if you got infected, don’t forget that no matter how sweet and helpful hackers are, they did not have good intentions at first place. Don’t fall for a cheap marketing trick!

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.

Contact Gabriel E. Hall
About the company Esolutions