Spark Ransomware

Spark Ransomware Description

Cybercriminals are using a threat tracked as the Spark Ransomware to lock the data of its victims. Due to the military-strength cryptographic algorithm used in the encryption routine of the threat, the affected files are left in a completely unusable state. Recovery without access to the necessary decryption key possessed by the attackers is nearly impossible.

Affected users will notice that nearly all of the files stored on the breached devices now carry a new file extension - '.spark,' appended to their original names. Furthermore, the destructive threat will display a ransom note with instructions from its operators. The ransom-demanding message will be presented to users in the form of a pop-up window.

Ransom Note's Overview

According to the instructions provided in the pop-up window, the victims of the Spark Ransomware will have to pay a ransom using the Bitcoin cryptocurrency, if they want to receive the decryption keys from the attackers. The exact amount of the ransom will be determined after establishing contact with the hackers via their email address at 'notvalidemailadress.ransom@gmail.com.' The pop-up window also contains a countdown timer, showing the time they still have to complete the payment. Spark Ransomware's note warns that any modifications to the encrypted files could lead to permanent loss of data. The same warning also, apparently, is valid if victims try to shut down the compromised device.

The full text of the ransom note is:

'Whats wrong with my files?

Your files have been encrypted and you are now a victim of Spark ransomware!
You can still recover your files, but you will have to pay for a special key that allows you to decrypt the files.
You can buy the decryption key from our email address. Just write to our email and we will send you instructions.
Be sure not to disable or modify encrypted files! If you do, your files will not be recoverable! Don't turn off your computer either!

RISK OF DATA LOSS AND DAMAGE TO THE SYSTEM AFTER SWITCHING OFF THE COMPUTER!

HOW CAN I PAY?

Payment will be made by appointment at the email address provided.
Send us all the information about what happened and then send us the amount in bitcoin.
You must have a bitcoin address. If you do not know how to get the bitcoin address click on the "Don't have a bitcoin address".

notvalidemailadress.ransom@gmail.com'

Related Posts