Scarab-DD Ransomware

Posted: October 18, 2018

Scarab-DD Ransomware Description

The Scarab-DD Ransomware is a file-locker Trojan that can keep your media from opening by encrypting the files. The file-locking process doesn't generate any obviously-visible symptoms, although, afterward, the Trojan marks the associated content with new extensions. Save your backups to another device for limiting any damages from infections and have anti-malware products ready for deleting the Scarab-DD Ransomware as needed.

The Doctor is Back in Agai

One of the lesser-known members of the Scarab Ransomware family, the Scarab-DiskDoctor Ransomware, is seeing an upgrade that consists of little more than new extensions and addresses. Although this group of file-locker Trojans includes significant support for Russian-based server admins, this new build, the Scarab-DD Ransomware, is targeting English speakers. Along with the blocking of content, the Scarab-DD Ransomware also takes steps for disabling the Windows system-repairing features that might work around the consequences of its attacks.

The Scarab-DD Ransomware is almost a complete copy of the months-younger Scarab-DiskDoctor Ransomware, and, like it, uses the AES encryption for keeping the user's media locked. Although the Scarab-DD Ransomware adds a different extension ('DD') to the filenames, it continues attacking the Shadow Volume Copies, disabling Windows boot-up warnings, and conducting other, anti-data-recovery attacks that are typical for this family. Users may double-check their default, local backups in the rare case of bugs preventing the deletion from occurring.

Malware experts also are finding equally-minor changes to the Notepad ransom note that the Scarab-DD Ransomware creates. The instructions, embellished with an ASCII art piece that the Scarab-DD Ransomware shares with the Scarab-DiskDoctor Ransomware, give the user an e-mail and ID for entering into negotiations for the decryption service. Besides an update to the e-mail, which, still, uses a free ProtonMail address, the Scarab-DD Ransomware's warning is no different from the ones of its immediate ancestor.

Blocking Your Disk's Appointment with a File Encryptor

Paying the ransom is, at best, a high-risk option that may not give you a solution or penalize the threat actor's failure to decrypt your media safely. Any network-accessible drives are, also, at risk without any additional protection, such as requiring a unique login.

Malware researchers tend to see attacks from this family, including recent editions like the Scarab-Skype Ransomware, the Scarab-Barracuda Ransomware, the Scarab-Turkish Ransomware, and the Scarab-Bin Ransomware, using RDP exploits and brute-force tools. Servers are more vulnerable to these compromise strategies when their login requirements have popular or unsophisticated values, such as having a password of 'password123.' Although having anti-malware applications for removing the Scarab-DD Ransomware is the recommendation of researchers, that software can't prevent an attacker from installing software under manually-driven conditions.

The Scarab-DD Ransomware has a 'healing touch' for the profits of anyone wanting to run a Ransomware-as-a-Service campaign without needing to do much more than maintain an e-mail account. Depending on your operating system's help with retrieving your media is growing into an even more poor choice by the minute, with new versions of Scarab Ransomware around.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Scarab-DD Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware Scarab-DD Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.