
'.recme File Extension' Ransomware

Posted: June 25, 2018

The '.recme File Extension' Ransomware is a new version of the Scarab Ransomware, a Trojan that locks the recreational and work-related files on your PC so that you pay its ransom. The '.recme File Extension' Ransomware may overwrite the filenames or add extensions to them, as well as create text-based ransoming notes. Ignore the demands for payment, if possible, and use free recovery solutions for your media after uninstalling the '.recme File Extension' Ransomware with any trusted anti-malware product.

A Case of Impatient Extortion Abetted by Encryption

Alongside the also-just-released Dan@cock.email Ransomware, malware experts are confirming the simultaneous distribution of another member of the Scarab Ransomware family, the '.recme File Extension' Ransomware. As a threat that is likely under the administrative management of a separate group of threat actors, the '.recme File Extension' Ransomware has potentially highly unpredictable distribution exploits, although its data-locking features seemingly remain working as usual. Infections associated with the threat can block most media-related file formats in a minimum of time and suppress any symptoms until afterward.

Instead of using a default cryptography API call, the '.recme File Extension' Ransomware uses an AES encryption feature with all of the data-enciphering information embedded inside the program. This attack may lock Word documents, JPG or BMP pictures, and a range of other file formats, while also appending '.recme' extensions to their names. Malware experts haven't confirmed the use of Base64-patterned renaming, which is also commonplace in the Scarab Ransomware family and can prevent users from identifying any specific files.
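The renaming behavior described above can be inventoried after an infection to scope the damage. The following is an added example, not code from this page or from any vendor: it counts files carrying the '.recme' extension, groups them by their surviving inner extension, and separately counts names that look Base64-overwritten. The Base64 heuristic, the function names, and the sample file names are assumptions constructed for illustration.

```python
import os
import re
import tempfile
from collections import Counter
from pathlib import Path

LOCKED_EXT = ".recme"  # extension the page says is appended
# Assumption: a Base64-patterned name is one long run of Base64-alphabet
# characters with no inner extension left to read.
B64_STEM = re.compile(r"^[A-Za-z0-9+=_-]{16,}$")


def triage(root):
    """Inventory files under root that carry the locked extension."""
    report = {"locked": 0, "name_overwritten": 0, "by_type": Counter()}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(LOCKED_EXT):
                continue  # untouched file
            report["locked"] += 1
            stem = name[: -len(LOCKED_EXT)]
            inner = Path(stem).suffix.lower()
            if not inner and B64_STEM.match(stem):
                # Original name and type cannot be read from the filename.
                report["name_overwritten"] += 1
            else:
                report["by_type"][inner or "(none)"] += 1
    return report


def build_sample(root):
    """Create a constructed directory tree (empty files, invented names)."""
    names = [
        "Documents/report.docx.recme",
        "Documents/notes.txt",  # not locked
        "Pictures/holiday.jpg.recme",
        "Pictures/logo.bmp.recme",
        "Pictures/cXVhcnRlcmx5LXJlcG9ydA==.recme",  # Base64-looking stem
    ]
    for rel in names:
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.touch()


def demo():
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        return triage(root)


if __name__ == "__main__":
    print(demo())
```

A nonzero `name_overwritten` count means the original file names cannot be recovered from the directory listing alone, so a backup catalog is needed to match restored files to what was lost.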

The '.recme File Extension' Ransomware also uses an aggressive variant of a Notepad ransoming message that is traditional in some members of the Trojan's family. The threat actors demand their ransom for unlocking the files within two days and claim that they'll publicize the corrupted files if they receive no payment. So far, malware researchers are finding no evidence of file-collecting or data-uploading features in the '.recme File Extension' Ransomware and such functions aren't typical of the Scarab Ransomware's numerous variants.

Keeping Your Files from Getting Wrecked by the '.recme File Extension' Ransomware

Timing-based pressure is an increasingly common addition to ransom notes from the Scarab Ransomware's variants, and other members of the family, including both the Scarabey Ransomware and the Scarab-Danger Ransomware, use different pressuring tactics. However, the associated threats are almost always bluffs. Since the '.recme File Extension' Ransomware doesn't include any spyware-related features of note, paying the ransom has no impact on the publicizing of any data. Malware experts also recommend testing all free decryption programs before you pay for a criminal's equivalent software.

Default Windows backups are routine targets of deletion by the '.recme File Extension' Ransomware and other versions of the Scarab Ransomware, such as May's Scarab-Walker Ransomware, Scarab-Horsia Ransomware, and Scarab-Osk Ransomware. Keep your backups on another device, such as a portable USB or cloud service, to protect your media from these threats. Many anti-malware products are also capable of intercepting and deleting the '.recme File Extension' Ransomware at its installation point, such as an e-mail attachment, as well as after infection.

It shouldn't be surprising that criminals who harm strangers' files for money are also dishonest. The '.recme File Extension' Ransomware is a repeating example of an underground industry that makes its money from the gullible and irresponsible, and it's up to individual PC users to keep those profits as low as possible.
