
Scarab-DD Ransomware

By GoldSparrow in Ransomware

The Scarab-DD Ransomware is an encryption ransomware Trojan. It belongs to the Scarab family of ransomware threats and is a direct variant of the Scarab DiskDoctor Ransomware. Threats in the Scarab family of encryption ransomware Trojans were quite active in 2018, with many new variants released in the spring and summer. The Scarab-DD Ransomware itself was first observed in the third week of October and carries out a typical attack of this type.

How the Scarab-DD Ransomware Attacks a Machine

The Scarab-DD Ransomware uses AES and RSA encryption to make the victim's files inaccessible. It targets user-generated files, which may include media files, databases, and numerous document types. The Scarab-DD Ransomware and similar threats target the file types listed below:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr, .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby, .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The Scarab-DD Ransomware marks each file it encrypts by adding the file extension '.DD' to the file's name.

The Scarab-DD Ransomware’s Ransom Note

The Scarab-DD Ransomware delivers a ransom message after the victim's files have been encrypted. The Scarab-DD Ransomware does this by dropping a text file onto the victim's desktop. The Scarab-DD Ransomware ransom note, named 'HOW TO RETURN FILES.TXT,' contains the following message:

'Warning all your files are encrypted !!!
To receive the decoder, you must send an email to
the email address with your personal ID:
decoder-help@protonmail.com
In response you will receive further instructions.
ATTENTION !!!
* Do not attempt to uninstall the program or run
antivirus software.
* Attempts to self-decrypt files will result in the
loss of your data.
* Decoders of other users are incompatible with your
data, as each user has a unique encryption key.
Your personal identifier:
================================================
[random characters]'

Computer users are advised not to contact the criminals responsible for the Scarab-DD Ransomware attack or pay the ransom. It is highly improbable that the criminals will keep their promise and help restore the victim's data. Unfortunately, the Scarab-DD Ransomware encrypts files in a way that makes them unrecoverable without the decryption key, so the only way to ensure that your data is safe is to keep backup copies stored in a location inaccessible to threats like the Scarab-DD Ransomware.
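
The two indicators described above, the '.DD' extension and the 'HOW TO RETURN FILES.TXT' note, can be used to work out which directories were affected. The following Python script is an added example, not part of the original article; the triage rule, the case-insensitive matching, the subset of extensions and the sample directory tree are assumptions constructed for illustration.

```python
import os
import tempfile

MARKER_EXT = ".dd"                     # page: '.DD' is appended to encrypted files
NOTE_NAME = "how to return files.txt"  # page: ransom note file name
# Subset of the page's targeted extensions, to spot names like 'report.docx.DD'.
TARGETED = {".jpg", ".png", ".docx", ".xlsx", ".pdf", ".sql", ".txt", ".zip"}

def scan(root):
    """Walk root; return {directory: counts} where either indicator appears."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        marked, double_ext, note = 0, 0, False
        for name in files:
            lower = name.lower()  # assumption: match case-insensitively
            if lower == NOTE_NAME:
                note = True
            elif lower.endswith(MARKER_EXT):
                marked += 1
                inner = os.path.splitext(lower[:-len(MARKER_EXT)])[1]
                double_ext += inner in TARGETED
        if marked or note:
            findings[dirpath] = {"marked": marked, "double_ext": double_ext, "note": note}
    return findings

def verdict(f):
    """Assumed triage rule: a lone '.dd' file may just be a raw disk image."""
    if f["note"] and f["marked"]:
        return "likely"
    if f["double_ext"] or f["note"]:
        return "suspicious"
    return "weak"

def demo():
    """Build a constructed sample tree and return {relative_dir: verdict}."""
    layout = {  # constructed sample data, not from a real incident
        "Desktop": ["HOW TO RETURN FILES.TXT", "budget.xlsx.DD", "photo.jpg.DD"],
        "Documents": ["thesis.docx.DD", "notes.txt"],
        "Forensics": ["evidence.dd"],
        "Music": ["song.mp3"],
    }
    with tempfile.TemporaryDirectory() as root:
        for d, names in layout.items():
            os.makedirs(os.path.join(root, d))
            for n in names:
                open(os.path.join(root, d, n), "w").close()
        return {os.path.relpath(p, root): verdict(f) for p, f in scan(root).items()}

if __name__ == "__main__":
    print(demo())
```

Pointing scan() at a user profile or file share gives a per-directory count; the "weak" verdict exists because '.dd' is also a common extension for raw disk images.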

Preventing the Scarab-DD Ransomware Attacks

Apart from file backups, it is crucial to ensure that the Scarab-DD Ransomware does not enter your computer in the first place. Since the Scarab-DD Ransomware is commonly delivered using spam email attachments, being able to recognize and deal with spam email messages is essential. A security program should also be used to intercept the Scarab-DD Ransomware before it carries out its attack.
