Scarab Ransomware Distributed to Over 12.5M Email Accounts

Scarab Ransomware Explodes Worldwide

A new ransomware variant, deemed Scarab, began taking the world by storm earlier this month.  The new variant was first discovered on November 23, 2017.  Since being discovered, it is believed the ransomware was sent to over 12,500,000 different email accounts.  The emails distributed included the ransomware in a .zip file, which upon downloading would install Scarab onto the recipient’s device.  Upon installation, the ransomware would target files for encryption.  After the file was encrypted, it would change the file extension to .scarab.  According to Infosecurity Magazine, the recipient email addresses ended in .com and co.uk.

The hackers are informing their victims, in order for the files to be unlocked, they must pay an undisclosed amount of money through bitcoin payments.  Bitcoins are a virtual currency, that hackers prefer to use as their method of payment due to the lack of ability for it to be traced.  Although, PC Matic does not encourage any victims to pay the ransom demand for the following reasons,

  • There are no guarantees paying the ransom will unlock the files
  • Paying the ransom puts a target on your back — if you’ve paid once, hackers believe you’ll likely pay again
  • Paying the hackers only fuels their fire to keep infecting more people and more devices for higher paydays

Ransomware Prevention

Instead, if you are a victim of ransomware, you should retrieve your files via backups.  Better yet, be proactive.  Instead of wondering what to do after infection, prevent them from infiltrating the system to begin with.  You can do so by taking the following steps:

  1. Implement a security solution that uses application whitelist technology.  PC Matic, PC Matic Pro and PC Matic MSP use their own, automated global whitelist to prevent cyber threats from executing — including ransomware.  To date, none of their customers have been infected with any of the global ransomware attacks – WannaCry, NotPetya, Bad Rabbit, or Scarab.
  2. Disable Macros
  3. Evaluate which users have administrative rights
  4. Backup your data
  5. Keep all programs and operating systems updated

Stop Responding to Threats.
Prevent Them.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles