Yes, there is no known way
to decrypt files encrypted by Spora without paying the ransom since there is no way to retrieve the malware developer's private key that can be used to decrypt your files. Emsisoft explains why in this news article
As with most ransomware infections...the best solution for dealing with encrypted data is to restore from backups
. These types of infections typically will delete all Shadow Volume Copies so that you cannot restore your files via System Restore
, native Windows Previous Versions
or using a program like Shadow Explorer
. But it never hurts to try in case the malware did not do what it was supposed to do
...it is not uncommon for ransomware infections to sometimes fail to properly delete Shadow Volume Copies. In some cases the use of file recovery software
such as R-Studio or Photorec may be helpful to recover some of your original files but there is no guarantee that will work...again it never hurts to try.
If that is not a viable option and there is no decryption fix tool, the only other alternative is to backup/save your data as is and wait for a possible breakthrough
...meaning, what seems like an impossibility at the moment (decryption of your data), there is always hope someday there may be a potential solution so save the encrypted data and wait until that time. Imaging the drive backs up everything related to the infection
including encrypted files, ransom notes and registry entries containing possible information which may be needed if a solution is ever discovered
. The encrypted files do not contain malicious code so they are safe. Even if a decryption tool is available, there is no guarantee
it will work properly or that the malware developer will not release a new variant to defeat the efforts of security researchers so keeping a backup of the original encrypted files and related information is a good practice.
Since the infection has been identified, rather than have everyone with individual topics, it would be best (and more manageable for staff) if you posted any more questions, comments or requests for assistance in the support topic discussion.
To avoid unnecessary confusion, this topic is closed.
The BC Staff