Home Malware Programs Ransomware Scarab-Osk Ransomware

Scarab-Osk Ransomware

Posted: May 28, 2018

The Scarab-Osk Ransomware is an update of Scarab-Walker Ransomware from the Scarab Ransomware family. The Scarab-Osk Ransomware uses encryption for locking your files, modifies their names significantly, and creates messages asking for Bitcoin ransoms for recovering your data. The damage it causes can be irreversible; use anti-malware products for protecting your PC and removing the Scarab-Osk Ransomware as soon as possible while limiting its window for attacking your digital media.

The Next Bug in Line for Your Files

Barely more than a week after the verification of the Scarab-Walker Ransomware, malware researchers also are taking notice of another update to this Amnesia Ransomware branch of the Scarab Ransomware's frequently-updated family. The latest member, the Scarab-Osk Ransomware, is an edit of the Scarab-Walker Ransomware that uses different cosmetic symptoms. The threat actors could use this update as a way of obfuscating the Scarab-Osk Ransomware's identity and making the Trojan seem secure and unique.

In actuality, the Scarab-Osk Ransomware uses the same, AES-based encryption method of attacking your files as most, other versions of the Amnesia Ransomware and the Scarab Ransomware. The currently-unbreakable encryption algorithm modifies all formats of data in the Trojan's whitelist, which includes Word or PDF documents, pictures, compressed archives and other media. Users may be incapable of identifying specific files afterward, as a result of the Scarab-Osk Ransomware's converting all their names to Base64.

However, the Scarab-Osk Ransomware uses a different extension ('.osk') for these files in comparison to the Scarab-Walker Ransomware update. Malware researchers also verify that the Trojan uses a slightly different ransoming message that still asks for Bitcoins and gives a 'customer' ID, but is missing the Scarab-Walker Ransomware's ASCII art. Unlike its predecessor, the Scarab-Osk Ransomware doesn't identify itself in the note.

Universal Extermination Techniques for Digital Pests

The Scarab-Osk Ransomware is a typical entry in its family that uses frequent changes to ransoming notes, and other symptoms, for hiding the identity of the infection and its associated cryptography routine. Vulnerable PCs, particularly any network-accessible ones, always should have their valuable data preserved on another device, such as a portable drive or a cloud server. However, malware experts also recommend contacting respected members of the cyber-security community for any decryption assistance, if required, which may be available for the Scarab-Osk Ransomware and other Scarab-Walker Ransomware variants.

The threat actors who are responsible for the Scarab-Osk Ransomware's family have close associations with Russia, but their Trojans are English-based and can attack PCs around the world indiscriminately. Servers using non-secure passwords may suffer compromises from brute-force attacks that result in infections, or users may compromise their PCs after opening disguised e-mail attachments. Anti-malware products should delete the Scarab-Osk Ransomware on sight, even though many security products detect Scarab Ransomware Trojans as variants of Zusy.

The Scarab-Osk Ransomware is part of a readily-modified series of file-locking Trojans that also encompasses entries like the Anonymous-themed Scarab-Horsia Ransomware and last year's Scorpio Ransomware. Users should anticipate ongoing updates to the Trojan's family indefinitely and protect their files with the same level of dedication.

Loading...