Scarab-Fuchsia Ransomware

The Scarab-Fuchsia Ransomware Trojan is designed to take victims' files hostage, making them inaccessible and then demanding a ransom payment. The Scarab-Fuchsia Ransomware is a variant in the Scarab family of ransomware, which has numerous variants. The Scarab-Fuchsia Ransomware was first releasedon April 2019.

The Scarab-Fuchsia Ransomware Belongs to a Huge Ransomware Family

The Scarab-Fuchsia Ransomware uses the AES encryption to make the victim's files inaccessible. The Scarab-Fuchsia Ransomware will replace the victim's files' names with ransom characters using Base64 and will add the file extension '.fuchsia' to the end of each file's name. Threats like the Scarab-Fuchsia Ransomware target the user-generated files, usually leaving the System files untouched. The files targeted by threats like the Scarab-Fuchsia Ransomware may include files with the following file extensions:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

After encrypting the victim's files, the Scarab-Fuchsia Ransomware delivers a ransom note which reads as follows:

'Hello.
All your files have been encrypted due to a security problem with your PC.
For information on decoding, please write to the email HanzOttoschmidt[at]protonmail.com
Your files are now encrypted.
Your personal identifier:
+41AAAAAAAC4e6LKHZIGDORACAN—Miz6z5ivmU9RFGrA2MmeVLNKXS77XH3Ovl2TfxQIEwHBav=61VMtcfj2gvp10=X532okbzam 2U19INEUn6CrPCoz0ZuvvYm8KXcf-FH8Z6M—IgwcVUyHDSWWeraQL5nv9wwu—aGHUWD3LaMp—hklp4uLDdjGhC=IIMP3ZWxS2hSuU rcsillfZ011Vx—sBlVq7nb3UmrawGcdDvxmHgt1DUjgDXRx0R0x1C3Eo0GtSr37+MWx—lySVIdlcyNny+ZOGGmFICITTArgo0FyB VZzxv-FOGRI_gbilv4VwSblQfW9ZI_Ve4d1oElcgEopS=AEEOlySXW7AiwEsZG2xt03tPxCFdND130AwpOosWIMRoDCPRUCIeNXNZx HZ97A6V-Fcj4mdD2Nsow—luTdxWhCt4lRf5w1
Now you should send us email with your personal identifier. Contact us using this email address: HanzOttoschmidt@protonmail.com Free decryption as guarantee! Before paying you can send us up to 3 files for free decryption. The total size of files must be less than 5Mb (non archived), and files should not contain valuable information (databases, backups, large excel sheets, etc.).
Attention!
* Do not rename encrypted files.
* Do not try to decrypt your data using third party software, it may muse permanent data loss.
* Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a tactic.
GeorjeHalique[at]Protonmail.com'

Dealing with Threats Like the Scarab-Fuchsia Ransomware

Malware researchers do not get tired of advising computer users to ignore the instructions in the Scarab-Fuchsia Ransomware ransom note. Paying these ransoms or contacting the criminals responsible for the attack typically just exposes computer users to additional tactics and will almost never have a good result. Having file backups is the best measure against threats like the Scarab-Fuchsia Ransomware. Being able to restore any files compromised by the Scarab-Fuchsia Ransomware from backups stored in the cloud or an external memory device removes criminals' ability to carry out these attacks effectively. Apart from file backups, it is advised the use of a reliable security program that is fully up-to-date.