Summary of Sparta Ransomware
- Sparta ransomware, not related to Spartacus ransomware, was first observed in September 2022.
- Sparta is a multi-pronged extortion threat. The attackers exfiltrate all enticing data prior to encrypting devices. Victims are then extorted into paying the ransom to prevent leakage and decrypt their data.
- Sparta ransomware campaigns are focused primarily on targets in Spain.
What Does Sparta Ransomware Target?
- Targets organizations specifically in Spain
- Focus on information technology, manufacturing, insurance, and retail industries
How Does Sparta Ransomware Spread?
- Phish and spear phishing emails
- Exposed and vulnerable applications and services
- Third-party framework (e.g., Empire, Metasploit, Cobalt Strike)
Sparta Ransomware Technical Details
Technical details on Sparta ransomware are currently under analysis.
How to Detect Sparta Ransomware
- The SentinelOne Singularity XDR Platform detects and prevents malicious behaviors and artifacts associated with Sparta ransomware.
How to Mitigate Sparta Ransomware
- The SentinelOne Singularity XDR Platform detects and prevents malicious behaviors and artifacts associated with Sparta
How to Remove Sparta Ransomware
- SentinelOne customers are protected from Sparta ransomware without any need to update or take action. In cases where the policy was set to Detect Only and a device became infected, remove the infection by using SentinelOne’s unique rollback capability. As the accompanying video shows, the rollback will revert any malicious impact on the device and restore encrypted files to their original state.