The Scarabey Ransomware is a file-encryption Trojan, which appears to originate from Russia, and also borrows a significant portion of the code used by the Scarab Ransomware. It is safe to say that the Scarabey Ransomware is simply a slightly modified variant of the original Scarab file locker, and judging by the contents of its ransom note, its primary targets are likely to be users who reside in countries where the Russian language is widespread.
The operators of the Scarabey Ransomware are likely to sue a variety of techniques to spread their threatening application. Spam e-mails, fake downloads, fake software updates, and pirated contents are just four of the popular methods that might be used to spread the Scarabey Ransomware, but you can rest assured that the creative minds of these cybercrooks may come up with alternative options as well. Since threats like the Scarabey Ransomware may attack from anywhere, it is recommended to keep your files safe by using a reputable anti-malware software that will prevent corrupted files from receiving a chance to cause any harm. Failing to stop the Scarabey Ransomware on time might lead to significant data loss, and being extorted for money by anonymous cybercrooks.
When the Scarabey Ransomware is deployed to an unprotected PC, it may launch a file-encryption task, which will scan the attached hard drives and begin to encrypt files that match certain criteria silently. The Scarabey Ransomware chooses its targets by checking their file extension. This way, the threat can focus on encrypting documents, spreadsheets, archives, backups, project files, and other data that is likely to contain important information. Whenever a file is encrypted, the Scarabey Ransomware will add the ‘.scarab’ extension to its name. The ransom note is delivered via the file ‘Инструкция по расшифровке.TXT,’ which will be dropped on the desktop, as well as in several other folders.
As expected, the perpetrators of the attack offer to decrypt the files in exchange for money. They do not specify the ransom payment they expect, but they do make sure to inform their victims that only payments via Bitcoin will be accepted. The last bit of the message tells the victims to contact [email protected] for further information on how to complete the payment and get the decryption software. In addition to this, the attackers promise to decrypt two files for free as proof that this is possible.
The recommendation is to ignore the instructions of the Scarabey Ransomware’s authors and take the matter into your own hands by removing the corrupted files from your computer. The only safe way to guarantee the threat’s full removal is to run an up-to-date anti-virus software suite that will detect and remove all harmful files. Once this task is accomplished, you should look into alternative methods that may allow you to get some of your files back if you don’t have a backup.