Scarab-Barracuda Ransomware

The Scarab-Barracuda Ransomware is an encryption ransomware Trojan that is part of the Scarab family of ransomware Trojans. This ransomware family has been around since November 2017, but the vast majority of its variants did not start to appear until Spring and Summer of 2018. Malware researchers suspect that these variants, which include the Scarab-Barracuda Ransomware, are the result of the Scarab Ransomware being made available to criminals as a RaaS (Ransomware as a Service) platform or in a ransomware builder kit. The Scarab-Barracuda Ransomware, like many other variants in this ransomware family, was designed to keep the victims' files unreachable and then demand a ransom payment from its victims. The Scarab-Barracuda Ransomware uses a strong encryption algorithm to make the victim's files inaccessible.

Symptoms of a Scarab-Barracuda Ransomware Attack

Using the AES encryption, the Scarab-Barracuda Ransomware will take over the victim's computer, cutting off access to the victim's data by using the AES encryption. The Scarab-Barracuda Ransomware will target the user-generated files, which may include a wide variety of file types. The following are examples of the files that threats like the Scarab-Barracuda Ransomware will target in their attacks:

.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dot.

Threats like the Scarab-Barracuda Ransomware will target the user-generated files while avoiding the Windows system files. This is because threats like the Scarab-Barracuda Ransomware depend on the victim to be able to access their computers to read a ransom note and pay a ransom for the decryption key needed to restore the compromised files. The Scarab-Barracuda Ransomware and other encryption algorithms demand a ransom payment by delivering a ransom note, which will be in the the form of a text file dropped on the infected computer's desktop, by changing the affected PC's Desktop wallpaper image, or using Windows error messages or program windows to deliver messages to the victim. In all cases, the ransom note demands that the victim contact the criminals and pay a large amount of money in exchange for the decryption key.

Dealing with Infections Like the Scarab-Barracuda Ransomware

Contact with the criminals responsible for a Scarab-Barracuda Ransomware attack may be a waste of time. In most cases, the criminals will simply take the victim's money without restoring the victim's files, and they will then target the victim for additional attacks since the victim already has demonstrated a willingness to pay and a vulnerability to the attacks. Furthermore, paying these ransoms allows the criminals to continue creating and distributing these threats, and claiming new victims every day. Instead of paying the ransom, take precautions against these threats, such as having file backups and using a security program that can prevent threats like the Scarab-Barracuda Ransomware from being installed.