Scarab-Oops Ransomware Description
A new version of the Scarab-Bin ransomware was spotted recently by security researchers. The ransomware is called Scarab-Oops, after the extension it appends to encrypted files. The Scarab Ransomware family was already large enough and growing regularly so that the new extension variant is not much of a surprise.
The files scrambled by the Scarab-Oops only receive the ".Oops" extension, unlike the Scarab-Bin Ransomware, which also inserted a unique victim ID between the old and the new extension. A sample file called "ledger.xlsx" will turn into "ledger.xlsx.Oops" once encrypted by Scarab-Oops Ransomware. The actual payload of the Scarab-Oops Ransomware is a randomly named executable, as is common with many other similar threats. The Scarab-Oops Ransomware affects MS Office files, PDF, plain text, database, media and archive files.
The Scarab-Oops Ransomware places its ransom note in a file named 'HOW TO RECOVER ENCRYPTED FILES.TXT.' The new campaign using the Scarab-Oops Ransomware also uses different emails for contacting the bad actors behind it - dec_helper at aol.com and datarecovery at airmail.cc. The text of the ransom note is as follows:
'All your files are encrypted!
To return the files, write to the mail:
dec_helper at aol.com
datarecovery at airmail.cc
In the letter, specify your ID and attach several files for decryption.
Attempts to recover files, destroy them forever!
Your personal ID:
[long alpha-numeric string]'
There is no available decryption tool for the files and systems affected by the Scarab-Oops Ransomware currently.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to Scarab-Oops Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.