Test subject – Scarab ransomware
Scarab ransomware family has been very active in the past few weeks. More than five variants were discovered just last week, dominating the ransomware market, and it looks like its developers continue to release new versions. Today’s video will cover the “bomber” variant, named after the extension it appends to the encrypted files. It targets mainly Russian speakers. Thankfully some variants in certain conditions are decryptable.
Scarab ransomware test facts
Being a fairly basic (but efficient) ransomware, the encryption starts minutes after the payload is executed, not instantly as most malware of its kind do. The payload can land on the victim’s computer by infected scripts and executables, hacked Remote Desktop services and email campaigns, so make sure you’re never downloading or opening suspicious files from the internet and email attachments. Scarab will attack whatever gets in its way, just enough not to corrupt the entire system. Most programs will stop working as well, as both “Program Files” folders are encrypted.
There’s not much to do from this point on. Attempts can be made to decrypt the corrupted files using third-party tools, but these not always work, especially between variants.
Scarab ransomware test results
TEMASOFT Ranstop detects Scarab ransomware easily once it starts encrypting files. Upon detection, the user is alerted, and the ransomware process is stopped and quarantined. The affected files are automatically restored so that the user doesn’t lose her critical documents.
Last, but not least, paying the ransom is never recommended, this can do more harm than good in the future, as the cybercriminals may use your collected data for other malicious actions. One of the best ways to protect yourself from future attacks is to install Ranstop, as it will effectively stop the malware, prevent further damage in your network, and get your files back without any other manual intervention.
About TEMASOFT Ranstop
TEMASOFT Ranstop is an anti-ransomware software that detects present and future ransomware, based on file access pattern analysis with a high degree of accuracy. At the same time, it protects user files so that they can be restored in case of malware attacks or accidental loss.
For more information, follow us on social media and subscribe to our newsletter.