Spade Ransomware

Posted: August 13, 2020

Spade Ransomware Description

The Spade Ransomware is a file-locker Trojan that's a variant of the Void Ransomware (also identified as VoidCrypt Ransomware). The Spade Ransomware targets Windows systems, locks their media files by encrypting them, and can terminate some applications that interfere with the attacks. Users with backups safe are, as usual, protected, and anti-malware products can defend PCs by removing the Spade Ransomware on sight.

Taking a Spade to the Endless Void of Criminal Greed

A little-known file-locking Trojan referred to in most circles as the Void Ransomware is already splitting off into a variant or update: the Spade Ransomware. Although malware experts can't confirm yet whether the threat is a full-fledged Ransomware-as-a-Service or mere 'freeware, the Spade Ransomware acts just as extortionist as most similar threats. The Trojan is the greatest danger to Windows users and, possibly, the unprotected servers of business entities.

Like the Void Ransomware that came before it, the Spade Ransomware uses encryption for converting media files, such as pictures and documents, into non-opening copies of themselves, and deletes the originals. The Trojan also adds ransom-related information and its extension to their names, afterward, and creates HTA ransom notes (an advanced HTML page) in each directory with these files. These attacks establish a ransoming scenario where the threat demands a Bitcoin payment within one day before the price of the (potentially non-existent) data restoration rises.

Malware analysts also point out that the Spade Ransomware, like most of the Ransomware-as-a-Services of the day, makes generous use of shell commands. It uses these functions for disabling software, such as some security tools and server management applications, that could interfere with its locking of media. Significantly, it disables the default firewall and startup error messages. Its priorities here imply that the Spade Ransomware's campaign is going after business entities and their Web servers' contents.

Digging One's Way Out of a Dark Data Predicament

The Spade Ransomware's attacks may rely on some of the most well-used tactics for breaching servers worldwide: e-mail attachments with plausible disguises as the 'deliverymen,' or brute-forcing. Workers informed on the dangers of document and spreadsheet attachments can protect themselves by scanning their downloads, disabling macro functionality and turning on visible extensions. Admins also should stay up-to-date with software security patches and use strong passwords on their accounts.

Counteracting a file-locker Trojan's assault on data is easily possible for all users, but mostly, in a preventative sense. Those with backups on other systems can recover without consideration for the ransom. The System Restore Points also can be a valid recovery option in the minority of attacks where the Trojan doesn't delete them. Decryption is, usually, limited or impossible for third parties, although users can always check the availability of free unlocking software for threats from well-known families.

Dedicated anti-malware products also remain highly efficient at catching most Trojans with these payloads and will delete the Spade Ransomware.

It's not for nothing that the Spade Ransomware gives a tight deadline on its payment. By putting a countdown on the victim, the Trojan's author hopes that he'll reap monetary rewards – although, as per the usual for criminals, he may give nothing back in return.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Spade Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Related Posts

Home Malware Programs Ransomware Spade Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.