• Cyber Security
    • Ransomware Prevention
    • Ransomware Removal
    • Ransomware File Recovery
    • Ransomware Types
  • Ransomware Services
    • Ransomware Removal
    • Ransomware File Recovery
  • News
  • Tutorials
  • Ransomware TV

Experts Discover New Scarab Variant

January 17, 2019Simeon Georgiev

Apart from stumbling upon new cryptovirological strains, ransomware removal experts regularly discover the variants of existing ransomware families as well. For instance, a team of malware hunters has recently discovered a variant of Scarab ransomware.

According to the initial investigation, the new Scarab edition uses email attachments and compromised URLs to drop the cryptovirological payload. After the completion of encryption, the affected files are appended with the extension ‘[email protected]’ and a ransom note in a text file appears on the screen.

The attackers urge victims to immediately contact them in order to pay a smaller extortion amount. The operators don’t mention any particular ransom amount. Nevertheless, they provide a short guide in the note for the affected users to purchase Bitcoins as a ransom payment.

In order to confirm that they possess the complete decryption code for unlocking the encrypted files, the operators offer free decryption of one file of up to 10 MB. The attackers also direct the victims to not send the file with important information such as databases and large spreadsheets.

The attackers also warn the affected to refrain from renaming the encrypted files because it can permanently corrupt them. The attackers also threaten to increase the ransom amount if the targeted users try to attempt ransomware removal through any third-party software.

Like other Scarab strains, the latest discovery also used the combination of RSA and AES encryption module to lock down the files on targeted devices. This combination turns out to be really lethal because it generates a unique decryption key for every affected device, which is only stored in the command and control server of the attackers. This means ransomware removal experts can’t come up with a single decryption key to disinfect multiple affected devices. They have to work out a different decryption key for every single infection.

Simeon Georgiev
https://www.linkedin.com/in/simeon--georgiev/
I am a Cyber Security Enthusiast from Bulgaria. I like to write about malware and ransomware and global cyber attacks. You can reach me on Twitter @sgeorgiev1995 or Email: [email protected]
Previous post Healthcare Entities, Ransomware Threat and 2019 Next post Cryptovirological Discovery: Tunca Ransomware

Related Articles

NonPetya Ransomware Caused Millions of Dollars Worth of Damage to Maersk

January 27, 2018Simeon Georgiev
NonPetya Ransomware Caused Millions of Dollars Worth of Damage to Maersk

Ransomware: 4 Types of the Latest Trend in Cybercrimes

February 1, 2018Simeon Georgiev
Ransomware: 4 Types of the Latest Trend in Cybercrimes

NonPetya Ransomware Caused Millions of Dollars Worth of Damage to Maersk

February 1, 2018Simeon Georgiev
NonPetya Ransomware Caused Millions of Dollars Worth of Damage to Maersk

Latest on Ransomware TV

https://vimeo.com/399908876?loop=0

Recent Posts

  • How to protect your organization against ransomware reinfections
  • AuKill Helps Ransomware Operators Disable EDR and Security Tools
  • AI-ransomware is a real threat, just not a realistic one yet
  • Rorschach is the new speed king in the ransomware space
  • The Role of Supply Chain Breaches in Ransomware Attacks

Stay Protected

Subscribe to our mailing list to get the latest cyber security and ransomware removal articles!

Thank you for subscribing.

Something went wrong.

Navigation

  • Cyber Security
    • Ransomware File Recovery
    • Ransomware Prevention
    • Ransomware Removal
    • Ransomware Types
  • News
  • Tutorials

Ransomware Attacks (Last 6M)

0

Connect & Protect

Facebook
Google+
LinkedIn
YouTube
Vimeo

More

  • BECOME A CONTRIBUTOR

MonsterCloud Reviews

© 2020 MonsterCloud.com. All Rights Reserved.