
Scarab-Turkish Ransomware

By GoldSparrow in Ransomware

The Scarab-Turkish Ransomware is the lackluster name that computer security experts use for a file cryptor based on the Scarab Ransomware from June 2017. The Scarab-Turkish Ransomware also appears under another name, Scarab-Firmabilgileri Ransomware, which is relatively hard to pronounce. As its name suggests, the Scarab-Turkish Ransomware is aimed at PC users based in Turkey. It is distributed through spam emails that may reference government officials, hot political topics and famous media personalities in Turkey. PC users may be tempted to preview the email attachments, but they should not do so.

The Scarab-Turkish Ransomware is dropped onto the computer if you enable macros, and by then it is too late. The Scarab-Turkish Ransomware behaves like the Scarab-Bomber Ransomware and the Scarab-Crypt000 Ransomware. It uses new 'Command and Control' servers and a custom extension, '.[firmabilgileri@bk.ru]'. However, the Trojan uses the same encryption engine, runs commands to remove the Shadow Volume snapshots made by Windows, and displays the standard Scarab Ransomware message translated into Turkish. The threat is likely to lock access to data containers with the following extensions:

.3gp, .avi, .bmp, .cdr, .csv, .dat, .db, .djvu, .docm, .doc, .epub, .docx, .flv, .gif, .iso, .ibooks, .jpeg, .jpg, .mdb, .md2, .mdf, .mkv, .mov, .mp3, .mp4, .mpg, .mpeg, .png, .ppt, .pptx, .ppsx, .psd, .rar, .rtf, .sav, .tiff, .tif, .torrent, .txt, .vsd, .wmv, .xls, .xlsx, .xps, .xml, .mrg, .dcx, .db3, .sql, .sqlite3, .sqlite, .sqlitedb, .psp, .pdb, .casb, .ccp, .cr2.

The encrypted files are given the '.[firmabilgileri@bk.ru]' suffix, so something like 'River indigo—Indigofera jucunda.jpeg' is renamed to 'River indigo—Indigofera jucunda.jpeg.[firmabilgileri@bk.ru]'. The first paragraph of the ransom note suggests that users contact 'firmabilgileri@bk.ru' if they wish to restore their files, but there is no reliable guarantee that you would receive a decryptor even if you comply with the terms laid out in 'HOW TO RECOVER ENCRYPTED FILES.TXT.' A safer alternative you might wish to explore is to boot backup images and access cloud-storage services like Google Drive. As long as you have exported some backups, the recovery time would be relatively short. You would want to remove the Scarab-Turkish Ransomware with the help of a trusted anti-malware tool.
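One way to inventory the damage before restoring from backups, added here as an example and not taken from the original article or any vendor tool: the script walks a directory tree, lists files carrying the '.[firmabilgileri@bk.ru]' suffix together with their original names, and records which folders hold the ransom note. The function names and the sample tree are constructed for illustration; only the suffix and the note file name come from the text above.

```python
import os
import tempfile
from collections import Counter

# Indicators taken from the article text.
SUFFIX = ".[firmabilgileri@bk.ru]"
NOTE_NAME = "HOW TO RECOVER ENCRYPTED FILES.TXT"


def triage(root):
    """Walk root; return suffix-marked files, counts per original extension,
    and the directories that hold the ransom note."""
    encrypted, by_ext, note_dirs = [], Counter(), set()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            # Windows file names are case-insensitive, so compare case-folded.
            if name.casefold() == NOTE_NAME.casefold():
                note_dirs.add(dirpath)
            elif name.casefold().endswith(SUFFIX.casefold()) and len(name) > len(SUFFIX):
                original = name[: -len(SUFFIX)]  # name before the suffix was appended
                ext = os.path.splitext(original)[1].lower() or "(none)"
                encrypted.append((os.path.join(dirpath, name), original))
                by_ext[ext] += 1
    return {"encrypted": encrypted, "by_ext": by_ext, "note_dirs": sorted(note_dirs)}


def build_sample_tree(root):
    """Create a constructed sample tree of empty files for demonstration."""
    names = {
        "docs": ["report.docx" + SUFFIX, "budget.xlsx" + SUFFIX, NOTE_NAME],
        "pics": ["River indigo.jpeg" + SUFFIX, "untouched.png"],
    }
    for sub, files in names.items():
        os.makedirs(os.path.join(root, sub), exist_ok=True)
        for f in files:
            open(os.path.join(root, sub, f), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        result = triage(tmp)
        print(len(result["encrypted"]), "files carry the suffix")
        for ext, n in result["by_ext"].most_common():
            print(f"  {ext}: {n}")
        print("ransom note found in:", result["note_dirs"])
```

The per-extension counts show which data types were hit, and the original names give the list of files to look for in backup images.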
