Scarab-Barracuda Ransomware

Posted: July 30, 2018

The Scarab-Barracuda Ransomware is a variant of the Scarab-Rebus Ransomware branch of the Scarab Ransomware family. Like other versions of these file-locking Trojans, the Scarab-Barracuda Ransomware can encrypt files on your computer to block access to them, erase local backups, and create notes demanding a ransom for restoring the content. Users should have an anti-malware product remove the Scarab-Barracuda Ransomware before restoring from a backup or using public decryption resources.

A Fresh Fish Gnawing at Your Data

Although many of its latest entrants lean towards targeting Russian speakers, the Scarab Ransomware family also has a viable English-language side, as evidenced by the Scarab-Rebus Ransomware and its new version, the Scarab-Barracuda Ransomware. The Scarab-Barracuda Ransomware variant is probably no more than another threat actor's attempt at creating a separate revenue stream from old resources, since malware experts aren't noting any technical changes to its features. Its potential damage, like that of other members of its family, is most severe for users without backups or appropriate network security protocols.

The Scarab-Barracuda Ransomware's family often, but not exclusively, circulates with the help of brute-force attacks that break login credentials and let criminals use Remote Desktop features to install the file-locking Trojan. The Delphi-based threat is compatible with most versions of the Windows OS and, after installing itself, uses Registry exploits to run automatically. Once launched, the Trojan uses an AES encryption routine to lock different media formats; malware experts emphasize the vulnerability of text documents, pictures, and other data, particularly Microsoft Office data.

Like other Scarab Ransomware releases, the Trojan also uses a simple encoding technique to obscure the names of the files it locks and appends a new extension ('.BARRACUDA'). Although there is a publicly available decryption service for files held hostage by the Scarab Ransomware, the PC security industry is awaiting confirmation of its compatibility with this latest version of the family. Backing up your work to other devices that the Scarab-Barracuda Ransomware can't erase is recommended, although victims may also check Windows restore points in case this Trojan hasn't yet deleted them.
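
For scoping a recovery, the '.BARRACUDA' extension described above can be used to map which folders were hit and roughly when. The following is an added example, not code from this article or from any vendor tool; the function names are hypothetical, and it assumes the locked files' modification times reflect when the Trojan wrote them, which may not hold if timestamps were altered.

```python
import os
from collections import Counter
from datetime import datetime, timezone

LOCKED_EXT = ".barracuda"  # extension named in the article, matched case-insensitively


def triage(root):
    """Walk root and summarise files carrying the .BARRACUDA extension.

    Returns (per_dir, first, last): a Counter of locked files per directory
    and the earliest/latest modification times (UTC) among them, or
    (Counter(), None, None) when nothing matches.
    """
    per_dir = Counter()
    first = last = None
    for dirpath, _dirnames, filenames in os.walk(root, onerror=lambda e: None):
        for name in filenames:
            if not name.lower().endswith(LOCKED_EXT):
                continue
            try:
                # lstat: do not follow symlinks out of the tree being triaged
                mtime = os.lstat(os.path.join(dirpath, name)).st_mtime
            except OSError:
                continue  # file vanished or unreadable; skip rather than abort
            per_dir[dirpath] += 1
            first = mtime if first is None else min(first, mtime)
            last = mtime if last is None else max(last, mtime)

    def to_utc(ts):
        return None if ts is None else datetime.fromtimestamp(ts, tz=timezone.utc)

    return per_dir, to_utc(first), to_utc(last)


def report(root):
    """Render the triage result as text for an incident ticket."""
    per_dir, first, last = triage(root)
    if not per_dir:
        return f"No {LOCKED_EXT.upper()} files under {root}"
    lines = [
        f"{sum(per_dir.values())} locked files in {len(per_dir)} directories",
        f"earliest write: {first.isoformat()} (assumed start; prefer backups older than this)",
        f"latest write:   {last.isoformat()}",
    ]
    lines += [f"{count:6d}  {path}" for path, count in per_dir.most_common(10)]
    return "\n".join(lines)


if __name__ == "__main__":
    import sys
    print(report(sys.argv[1] if len(sys.argv) > 1 else "."))
```

Run it read-only against a mounted copy or image of the affected volume, after the Trojan has been removed.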

Gutting the Sea Life that's Feeding on Files

The Scarab-Barracuda Ransomware has only cosmetic changes from other versions of its side of the Scarab Ransomware family, such as the Scarab-Bin Ransomware, the Scarab-Bomber Ransomware, or the Scarab-Danger Ransomware. Notepad messages, either on the desktop or in the same folders as the locked files, instruct victims to pay a Bitcoin ransom for the threat actor's decryption help. While there isn't any corroboration of the cost of this service, malware experts advise against rashly making non-refundable cryptocurrency payments, particularly ones that fund criminal enterprises.

Maintaining stringent security standards for your passwords and other remote login credentials can help against many of the attacks that threat actors use for circulating members of the Scarab-Barracuda Ransomware's family. Additional infection strategies may use mislabeled e-mail attachments or file-sharing network downloads, including fake billing notices or gaming software. Having your anti-malware products scan new files before you launch them should delete the Scarab-Barracuda Ransomware before it can attack any media.

Even though the Scarab-Barracuda Ransomware's only changes are in its ransoming addresses and extension, its distribution is a marker of the continuing success of the Scarab Ransomware as a whole. Ransomware-as-a-Service is a problem for any Web-browsing PC user without careful backup habits, whether they live in Russia, North America or somewhere else entirely.