Home Malware Programs Ransomware Spartacus Ransomware

Spartacus Ransomware

Posted: April 16, 2018


The Spartacus Ransomware is a file-locker Trojan: a Trojan that uses encryption for keeping you from opening content including documents and other media. Some of the other symptoms of its attacks include changes to the names of your files and a desktop-blocking ransoming message. Always use free recovery methods for any locked media after having an appropriate anti-malware product uninstall the Spartacus Ransomware from your PC.

The Trojan that's not Exactly a Hero

The cyber-security industry is catching signs of another file-locking threat just beginning to deploy itself, although no victims have yet to appear for independent confirmation of its attacks. This Trojan, the Spartacus Ransomware, operates similarly to families like the Jigsaw Ransomware or the '.wcry File Extension' Ransomware, and makes sure that the victim can't overlook the infection by blocking the entire monitor with its warning. Users storing their media in 'default' Windows locations are at risk of having their files blocked especially.

Although the Spartacus Ransomware uses the traditional mix of the AES and RSA encryptions for locking the files of an infected computer, it's not a direct relative of previous families of file-locking threats. The Spartacus Ransomware also erases all the Shadow Volume Copy content that Windows could use for recovering the files that the Spartacus Ransomware impacts. Malware experts only can confirm the Spartacus Ransomware's encrypting data in the following folders:

  • Downloads
  • Documents
  • Music
  • Pictures
  • Videos

Unlike most Trojans with this payload, the Spartacus Ransomware does not distinguish between different formats of media and locks everything inside of the appropriate folder. When the Spartacus Ransomware finishes this task, it launches a screen-wide pop-up that maintains foreground persistence for blocking the users from their desktops. This window is its ransom note, which contains, as per usual, a request for Bitcoins for the file-unlocking decryptor, and an offer of a free trial for up to five files.

What to Do When a Rebellious Program Takes Your Files

While the Spartacus Ransomware takes its name from a Roman historical figure, its ransoming messages tailor themselves to English speakers without any signs of geo-targeting nationalities any more specific than that. Because some aspects of the Spartacus Ransomware's data-locking routine are hard-coded and, therefore, potentially reversible, malware experts recommend contacting an appropriate cybersecurity institution or researcher for any decryption help you might need. However, having a non-local, secure backup always is the best protection from file-locking Trojans.

The users may sometimes compromise their PCs by opening unsafe e-mail attachments or visiting websites hosting other threats like the Nebula Exploit Kit or the RIG Exploit Kit. Other attacks use brute-force software for cracking login combinations, particularly, ones using non-secure passwords (such as 'admin123' or 'user'). Anti-malware products and minimal security protocols can block the majority of such attacks, although the former also may delete the Spartacus Ransomware safely, upon its arrival.

Criminals aren't going to stop making Trojans like the Spartacus Ransomware until their attacks are no longer profitable. Accordingly, anyone with a computer and data worth paying for should take all the proper steps to keep that drastic decision from becoming necessary.

Loading...