Threat Database Ransomware Scarab-Glutton Ransomware

Scarab-Glutton Ransomware

By GoldSparrow in Ransomware

The Scarab-Glutton Ransomware is an encryption ransomware Trojan. The Scarab-Glutton Ransomware was first detected in the last week of August 2018. The Scarab-Glutton Ransomware is one of the many variants in the Scarab family of ransomware that exist today. This ransomware family has released a large number of variants since Spring 2018, possibly due to its release as part of a RaaS (Ransomware as a Service) or in a ransomware builder kit. The Scarab-Glutton Ransomware poses a significant threat to the computer users' data, who are advised to take precautions against the Scarab-Glutton Ransomware and similar threats.

This Scarab Variant is Hungry for Money

The Scarab-Glutton Ransomware uses the AES encryption to make the victim's files inaccessible, marking all files encrypted by the attack with the '.glutton' file extension added to the targeted file's name. The Scarab-Glutton Ransomware is delivered to the victims through corrupted spam email attachments mainly. Once the Scarab-Glutton Ransomware has been installed, it takes the victim's files hostage and targets the user-generated files, including those with the following file extensions:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The Scarab-Glutton Ransomware delivers a ransom note in a text file named '!!!HOW TO RECOVER ENCRYPTED FILES!!!.TXT' dropped on the infected computer's desktop, which contains the message:

'Your files are now encrypted!
Your personal identifier:
[random characters]
All your files have been encrypted due to a security problem with your PC.
Now you should send us email with your personal identifier.
This email will be as confirmation you are ready to pay for decryption key.
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us.
After payment we will send you the decryption tool that will decrypt all your files.
Contact us using this email address: gluttonBD@protonmail.com
Free decryption as guarantee!
Before paying you can send us up to 3 files for free decryption.
The total size of files must be less than 10Mb (non archived), and files should not contain
valuable information (databases, backups, large excel sheets, etc.).
Attention!
*Do not rename encrypted files.
*Do not try to decrypt your data using third party software, it may cause permanent data loss.
*Decryption of your files with the help of third parties may cause increased price
(they add their fee to our) or you can become a victim of a scam.'

Dealing with the Scarab-Glutton Ransomware Infection

Unfortunately, if the Scarab-Glutton Ransomware has compromised your files, they may not be recoverable. Because of this, the advised protection against threats like the Scarab-Glutton Ransomware is to have file backups. The file backups, coupled with a good security program, can help you keep your files safe.

Trending

Most Viewed

Loading...