'.com File Extension' Ransomware

The Scarab-crabs Ransomware is an encryption ransomware Trojan, designed to lock the victims' files to extort them and extract a ransom payment. The Scarab-crabs Ransomware belongs to the Scarab Ransomware family, a large family of encryption ransomware Trojans that carry out identical attacks. Threats in the Scarab Ransomware family carry out highly effective ransomware attacks that cannot be undone; once the Scarab-crabs Ransomware has encrypted the files, they cannot be restored, meaning that file backups are generally the only recourse once files have been compromised by the Scarab-crabs Ransomware.

How the Scarab-crabs Ransomware Attack Works

The Scarab-crabs Ransomware uses the AES and RSA encryptions to make the victim's files inaccessible. The Scarab-crabs Ransomware then demands a ransom payment from the victim in exchange for the means to restore the affected data. The Scarab-crabs Ransomware demands its ransom note in the form of a text file named 'HOW TO DECRYPT FILES.txt' that is dropped on the infected computer. Computer users are counseled to take precautions against threats like the Scarab-crabs Ransomware, mainly by ensuring that they have ways of restoring any data compromised by this attack. However, threats like the Scarab-crabs Ransomware do not encrypt the entirety of the contents of the infected computer. If they do it, they would not be able to demand a ransom payment, since the affected computer would be unusable entirely. The Scarab-crabs Ransomware and similar threats attack the user-generated files while avoiding the Windows system files and similar data. The files targeted by threats like the Scarab-crabs Ransomware may include files with the following file extensions:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The Scarab-crabs Ransomware's encryption makes the damaged files easy to identify because the Scarab-crabs Ransomware adds the file extension '.crabs' to each compromised file's name. The Scarab-crabs Ransomware ransom note itself is short, asking the victim to contact the criminals via the email addresses crabs34@firemail.cc or reserve34@firemail.cc where the victim will be asked to pay a ransom amount via Bitcoin.

Protecting Your Data from Threats Like the Scarab-crabs Ransomware

Threats like the Scarab-crabs Ransomware are typically distributed via email, using social engineering techniques to trick computer users into downloading and opening files with corrupted embedded scripts. Learning to recognize these tactics and act appropriately is an important part of preventing the Scarab-crabs Ransomware attacks and similar threats. It is also unavoidable to have backup copies of all data and store these backups in safe locations. Apart from file backups, computer users must use a security program that is up-to-date.