SpartCrypt Ransomware

SpartCrypt Ransomware Description

Most ransomware threats nowadays are simply variants of already existing threats. This is because it is far easier to borrow the code from an existing threat and tweak it slightly than build a data-locking Trojan from the ground up. However, there are still cyber crooks out there who opt to make their own file-encrypting Trojans. One of the newest data-locking Trojans that do not appear to share similarities with any of the popular ransomware families is called SpartaCrypt Ransomware.

Propagation, Encryption and the Ransom Note

The infection triggers used by the creators of the SpartaCrypt Ransomware are yet to be determined. One of the most common propagation methods used in the spreading of threats of this type is spam emails. An email that is propagating a data-locking Trojan would often contain a message riddled with social tricks designed to induce the user into opening the fraudulent attachment that contains the harmful code of the threat. However, there are numerous ways to distribute a file-encrypting Trojan, and in this case, spam emails may be just one of the methods. Regardless of how the SpartaCrypt Ransomware sneaks into one's system, its goal is simple – locate the user's data and encrypt it. The SpartaCrypt Ransomware appends a new extension to the locked files – '.SpartCrypt[LordCracker@protonmail.com]-[ID-].Encrypted.' The SpartaCrypt Ransomware drops a ransom message for the user, which will be located in two files – 'Info.hta' and 'How_To_Restore_Files.txt.' It would appear that when constructing the 'Info.hta' ransom message, the SpartaCrypt Ransomware may have been inspired by the Globe Ransomware. However, the SpartaCrypt Ransomware is not a variant of this ransomware threat, and they do not have anything else in common. The attackers have provided two email addresses where the user can contact them – ‘phabos@cock.li' or ‘lordcracker@protonmail.com.'

The Good News

However, building a ransomware threat from scratch is not for everyone, and this is probably what the authors of the SpartaCrypt Ransomware have now learned. Shortly after uncovering the SpartaCrypt Ransomware, malware researchers managed to crack the threat and develop a decryption tool, which was then released publicly for free. This means that the users who have been affected by the SpartaCrypt Ransomware and have had all their data encrypted by this nasty threat will be able to reverse the damage free of charge. It is likely that the authors of this file-encrypting Trojan will not be able to cash in on much due to the fast reaction and great skills of the cyber security experts who took it upon themselves to combat this threat.

Even if there was no free decryption tool available, it is never a good idea to contact the authors of ransomware and attempt to negotiate with them. They are not individuals who deserve your trust or your money. Most users who have opted to pay the ransom fee demanded have never received their decryption key as ransomware authors lose interest in cooperating quickly when they get the victim's money. Downloading and installing a genuine anti-virus solution is the safest way to remove a data-locking Trojan from your computer.

Do You Suspect Your PC May Be Infected with SpartCrypt Ransomware & Other Threats? Scan Your PC with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like SpartCrypt Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Note: SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. Free Remover allows you to run a one-off scan and receive, subject to a 48-hour waiting period, one remediation and removal. Free Remover subject to promotional details and Special Promotion Terms. To understand our policies, please also review our EULA, Privacy Policy and Threat Assessment Criteria. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
If you still can't install SpyHunter? View other possible causes of installation issues.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.