A Monero Cryptocurrency has been created in 2014, the current price is $316 USD and it’s widely getting popular in cryptocurrency world.
Spritecoin Ransomware also Pretending as a cryptocurrency-related password store along with Monero payment and mimics as a spritecoin Cryptocurrency wallet.
It asks the user to create a desired password to connect with Blockchain but it doesn’t make any connection and it silently Encrypt the victim’s file.
Once all the victim’s file will be encrypted, it demands the ransom asks to pay via Monero cryptocurrency to decrypt the file.
Spritecoin Ransomware also spying to steal the Chrome stored credentials and once it finds no information then it moves ahead and checks the Firefox credentials and it is using SQLite to store the credentials that have been harvested from the browsers.
How Does Spritecoin Ransomware Works
It mainly targeting users who all are interesting in cryptocurrency via forum spam and aslo it using social engineering techniques, without user interaction via exploits.
Attacker manly using some professonal social engineering techniques via crafted malicious email and trick users to click on it.So Spritecoin Ransomware needs some user interaction to successfully exploit Its payload.
Once the Ransomware successfully executed, its prompt used into a page where users urged to “Enter your desired wallet password”
Once password enter, another window shows the user that, it connected into Blockchain. but it is actually a process of the encryption process of users file.
Once the encryption process will be done, its demand 0.3 Monero – which is equivalent to $105 USD. also it generates ransom note that says “Your files are encrypted”.
Also, it transferred the harvested credentials to a remote website. aslo another twist is, if the user trying to pay the ransomware it downloads another payload.