Scarab-Oops Ransomware

Among the latest ransomware threats uncovered is the Scarab-Oops Ransomware. Once malware researchers detected it, they studied this newly emerged threat and found that this file-locking Trojan belongs to the world-famous Scarab-Bin Ransomware family. Cybersecurity experts have noticed the trend of cybercriminals appropriating a well-established ransomware threat like the Scarab-Bin Ransomware, the STOP Ransomware or the Dharma Ransomware, and changing the code so slightly that they can begin spreading it autonomously.

It is believed that the Scarab-Oops Ransomware is spread by faux software updates, spam email campaigns and pirated applications. Upon infecting the victim's computer, the Scarab-Oops Ransomware performs a scan whose intention is to locate the files this threat targets. After this, the second step of the attack is performed – the encryption of the data. When locked, the files would receive a new extension '.Oops' added to the end of the file name. In this case, if you had a file named 'computer-mouse.png,' the Scarab-Oops Ransomware will change it to 'computer-mouse.png.Oops,' and you will no longer be able to use it in any manner. When the encryption process is completed, the Scarab-Oops Ransomware will drop its ransom note called 'HOW TO RECOVER ENCRYPTED FILES.TXT.' Cyber crooks often name their ransom notes in all caps to make sure that the victim sees their message. Within the ransom note, the attackers state that the victim should contact them via email on 'dec_helper@aol.com' and 'datarecovery@airman.cc.' Furthermore, they tell the user to attach a few files that would be decrypted by the attackers. That's a common practice among ransomware authors, and its goal is to show the victim that they possess a decryption tool and are capable of unlocking the encrypted data.