Currently, there are many ransomware families active in the cyber world. New variants of these ransomware families are discovered time and again by cybersecurity experts. In a recent such discovery, experts have detected a variant of Scarab ransomware family called Glutton.
The ransom note appearing on the screen after the exploit is in Russian. This implies that the primary target of Glutton ransomware might be Russian users. As per the current analysis of this Scarab variant, the strain uses AES encryption module to lock down the files on targeted devices.
It is important to note that Scarab ransomware was first discovered six months ago. From then on, several variants of this cryptovirological family have been developed and distributed. The operators of Glutton ransomware demand two Bitcoins for providing the decryption manual to carry out ransomware removal measures. In other words, the instigators of this Scarab variant ransomware are asking for nearly $15,000 in extortion to give the decrypter.
Operators willing to prove their authenticity
As per the ransom note, the operators of Glutton ransomware are willing to prove their authenticity. They offer free decryption of three locked down files to ensure the victims that they have the decryption protocol for complete ransomware removal. However, they have set some preconditions to do free decryptions.
- Each selected files must be less than 10 MB.
- The files must not contain any important information. The operators won’t decrypt any database, large excel sheet and graphics file for free as mentioned in the ransom note.
The operators also threaten to increase the amount of ransom in case the targeted victims contact any third-party services for ransomware removal. Glutton ransomware operators advise users to not try to manually remove ransomware because it can result in permanent loss of data.