Spyro Ransomware
Infosec researchers have caught a new threatening malware that has been unleashed by hackers. The threat is named Spyro Ransomware and can cause significant damage to any computer it manages to infect. Once inside, Spyro runs an encryption routine that uses an uncrackable cryptographic algorithm. As a result, nearly all files stored on the device are rendered both inaccessible and unusable. The cybercriminals' goal is then to extort money from their victims.
Spyro Ransomware's Details
After encrypting each file, the Spyro Ransomware marks it by drastically changing the file's name. The threat appends an email address, a victim's ID number, and '.Spyro' to the original filename. The email address is 'BlackSpyro@tutanota.com'. When the encryption process is completed, Spyro delivers a ransom note with instructions for its victims. The message is placed inside a text file named 'Scratch'.
The note reveals that the ransom must be paid using the Bitcoin cryptocurrency. It also instructs victims to locate a file named 'prvkey*.txt.key' that has been created on the compromised device. The file name may contain a number in place of the asterisk. Once located, the file must be sent to the hackers, as it is vital to the decryption process. Alongside it, victims may also send a single file smaller than 1MB, supposedly to be decrypted for free. The note concludes with a warning that tampering with the 'prvkey*.txt.key' file might lead to irreversible damage and make all the encrypted data unsalvageable.
The full text of Spyro Ransomware's note is:
'All Your Files Has Been Encrypted
You Have to Pay to Get Your Files Back
1-Go to C:\ProgramData\ or in Your other Drives and send us prvkey*.txt.key file , * might be a number (like this : prvkey3.txt.key)
2-You can send some file little than 1mb for Decryption test to trust us But the test File should not contain valuable data
3-Payment should be with Bitcoin
4-Changing Windows without saving prvkey.txt.key file will cause permanete Data loss
Our Email:BlackSpyro@tutanota.com
in Case of no Answer:'
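For responders, the artifacts described above (the '.Spyro' suffix with the contact address, the 'Scratch' note and the 'prvkey*.txt.key' file) can be turned into a quick triage pass over a file listing. The following Python sketch is an added example, not code from the malware or from the researchers. It assumes the note is named Scratch or Scratch.txt and checks only for the presence of the email address, since the page does not give the exact delimiters; the sample paths and the ID 12345 are constructed.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Indicators taken from the article text.
CONTACT = "blackspyro@tutanota.com"
ENC_SUFFIX = ".spyro"
# 'prvkey*.txt.key' where * "might be a number"; the note also writes prvkey.txt.key.
KEY_RE = re.compile(r"prvkey\d*\.txt\.key", re.IGNORECASE)

def classify(path):
    """Return 'key_file', 'ransom_note', 'encrypted', 'encrypted_unconfirmed' or None."""
    name = PureWindowsPath(path).name.lower()
    if KEY_RE.fullmatch(name):
        return "key_file"
    # Assumption: the 'Scratch' text file is stored as Scratch or Scratch.txt.
    if name in ("scratch", "scratch.txt"):
        return "ransom_note"
    if name.endswith(ENC_SUFFIX):
        # The contact address in the name separates Spyro output from an
        # unrelated file that merely ends in .spyro. Delimiters are not
        # documented on the page, so only presence is checked.
        return "encrypted" if CONTACT in name else "encrypted_unconfirmed"
    return None

def triage(paths):
    """Group a file listing by artifact type and list affected directories."""
    found = defaultdict(list)
    dirs = set()
    for path in paths:
        kind = classify(path)
        if kind:
            found[kind].append(path)
            if kind == "encrypted":
                dirs.add(str(PureWindowsPath(path).parent))
    report = dict(found)
    report["affected_dirs"] = sorted(dirs)
    return report

# Constructed listing (not from a real incident).
SAMPLE = [
    r"C:\ProgramData\prvkey3.txt.key",
    r"C:\Users\a\Docs\q1.xlsx.BlackSpyro@tutanota.com.12345.Spyro",
    r"C:\Users\a\Docs\Scratch.txt",
    r"D:\games\level.spyro",
    r"C:\Users\a\Docs\notes.txt",
]

if __name__ == "__main__":
    for kind, items in triage(SAMPLE).items():
        print(kind, items)
```

Any path reported as key_file should be copied to offline storage before the machine is reimaged, since the note itself states that losing it causes permanent data loss.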