Scarab-Tokog Ransomware
The Scarab-Tokog Ransomware is an iteration of the Scarab-Crypto Ransomware, and by extension – of the now infamous ScarabLocker Ransomware. While Scarablocker has been around for nearly two years now, Scarab-Tokog Ransomware, otherwise known as just “Tokog Ransomware,” popped up back in mid-February 2019. The Scarab-Tokog Ransomware, like its predecessor, encrypts the user data with a strong AES encryption, then tries to extort Bitcoin from the victim for the return of their encrypted files.
Where the Scarab-Tokog Ransomware differs from the Scarab-Crypto Ransomware is the fact that it adds the extension '.tokog' to encrypted files. In many regards, the Scarab-Tokog Ransomware is quite similar to other versions of ScarabLocker, attacking a wide variety of files, such as MS Office files, OpenOffice, PDF files, all manners of text files, databases, photos, music, video and image files, and some archives, among other things.
Like many sophisticated pieces of ransomware, the Scarab-Tokog Ransomware goes the extra steps to ensure that all the Shadow Volume copies on the infected device are deleted, which makes data recovery using this method impossible. The email addresses that the fraudsters responsible for Scarab-Tokog Ransomware gave in the ransom note were, respectively, tokog@india.com and tokog@protonmail.com, and are different to the ones used by the malware peddlers that ran ScarabLocker, who used qa458@yandex.ru.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.