Scarab-Bin2 Ransomware
The Scarab-Bin2 Ransomware is a variant in the Scarab family of ransomware, and the second version of a threat named 'Scarab-Bin.' The Scarab family of ransomware has been responsible for a large number of variants released between April and July of 2018, making it possible that this family of ransomware has become a RaaS (Ransomware as a Service) platform or it has been released as part of a ransomware builder kit. The purpose of the Scarab-Bin2 Ransomware, like its many predecessors, is to encrypt victims' files and takes them hostage. Then, the Scarab-Bin2 Ransomware will demand a ransom payment to restore access to the compromised data.
The Steps the Scarab-Bin2 Ransomware will Take to Infect a Computer
The Scarab-Bin2 Ransomware uses the AES encryption to make the victim's files inaccessible. The Scarab-Bin2 Ransomware will add the file extension '.bin2' to the end of the file's name after encrypting it. The Scarab-Bin2 Ransomware targets the user-generated files, which may include media files, images, documents, databases and many others. Below are examples of the files that threats like the Scarab-Bin2 Ransomware will target in their attacks:
.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dot.
The Scarab-Bin2 Ransomware delivers a ransom note in the form of a text file named 'HOW TO RECOVER ENCRYPTED FILES.TXT.' This ransom note contains the following text and is dropped on the infected computer's desktop:
'Your files are now encrypted!
Your personal identifier:
[random characters]
For instructions for decrypting files, please write here:
mrbin775@gmx.de
mrbin775@protonmail.com
If you have not received an answer, write to me again!!'
Malware specialists advise computer users not to contact the Scarab-Bin2 Ransomware's email address or pay the ransom that the criminals demand. However, since the Scarab-Bin2 Ransomware uses an encryption method that is quite strong, the best measure against the Scarab-Bin2 Ransomware is prevention. Once the Scarab-Bin2 Ransomware has compromised your files, they will no longer be recoverable without the decryption key.
Protecting Your Data From Threats Like the Scarab-Bin2 Ransomware
The best protection against threats like A Scarab-Bin2 Ransomware infection can be counteracted by file backups stored in a location that is unreachable by threats like the Scarab-Bin2 Ransomware, such as the cloud or another external device. Apart from file backups, it is important to have a security application always updated. This can be used to protect your computer from intrusion and remove the Scarab-Bin2 Ransomware threat itself (although security software will not be capable of restoring the files encrypted by the Scarab-Bin2 Ransomware attack). Since the Scarab-Bin2 Ransomware's most common way of being delivered involves spam email attachments, learning to spot these email tactics and deal with them effectively are essential parts of ensuring that your computer is protected from threats like the Scarab-Bin2 Ransomware completely. Contacting the criminals or paying the Scarab-Bin2 Ransomware ransom is highly discouraged.
