Scarab-Cybergod Ransomware

The Scarab-Cybergod Ransomware is an encryption ransomware Trojan that is part of the Scarab family of ransomware. The Scarab-Cybergod Ransomware poses a real threat to computer users' data, and preemptive steps should be taken to halt the Scarab-Cybergod Ransomware attacks. The Scarab-Cybergod Ransomware was first observed in August 20, 2018, and is part of a wave of Scarab Ransomware variants released in the late Spring and Summer of 2018, associated with a RaaS (Ransomware as a Service) platform possibly.

How the Scarab-Cybergod Ransomware Attacks a Computer

The Scarab-Cybergod Ransomware uses the AES encryption to make the victim's files inaccessible. The Scarab-Cybergod Ransomware, to mark the files it encrypts, adds the file extension '.CYBERGOD' to the file's name. The most common way in which criminals deliver threats like the Scarab-Cybergod Ransomware to victims is through the use of corrupted email attachments, often containing embedded macro scripts to download and install the Scarab-Cybergod Ransomware onto the victim's computer. Once the Scarab-Cybergod Ransomware is installed, it scans the victim's computer for the user-generated files, generally looking for a wide variety of file types that may include media files, numerous types of documents, databases and various other file types. The following are examples of the files that threats like the Scarab-Cybergod Ransomware encrypt in these attacks:

.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dot.

The Scarab-Cybergod Ransomware delivers a ransom note in the form of a text file named 'From Jobe Smith.TXT' after encrypting the victim's files and renaming them (encrypting the file names and adding the aforementioned file extension to each affected file's name). This ransom note contains the following message and is dropped on the infected computer's desktop:

'I am The Lawnmower Man!
And i can make you forget everything you got here!
Or you can make offer for me on my mail:
localgreenskeeper@firemail.cc or jobesmith@airmail.cc
To show you my almighty power I can decrypt few files for you
But dont forget to send me your ID!
Have a nice day!
+++++
Your ID
[512 random characters]'

The recommendation from PC security researchers is to refrain from following the instructions contained in the Scarab-Cybergod Ransomware ransom note.

Dealing with Threats Like the Scarab-Cybergod Ransomware

The best protection against threats like the Scarab-Cybergod Ransomware is to have file backups. Having file backups ensures that computer users can restore their data after a Scarab-Cybergod Ransomware infection. Apart from file backups, a reliable anti-malware program should be present to protect their PCs from intruders. Since the Scarab-Cybergod Ransomware is distributed through spam email scams and corrupted email attachments mostly, it is imperative that computer users learn to recognize these tactics and respond to this content type appropriately.

SpyHunter Detects & Remove Scarab-Cybergod Ransomware