Scarab ransomware Hits Windows PC Via Necrus Botnet

Scarab ransomware : All Important & Essential Facts About It

Recently, team of security researchers have discovered that Scarab ransomware campaigns using infamous Necrus botnet to spread through millions of spam emails. This year, Scarab ransomware is fourth malspam campaigns that is being spread at wide range. As you know that, first of all Scarab ransomware has been noticed by the System user on June, 2017 that usually being sent to .com addresses and followed by the inboxes. According to the researchers, this ransomware was sent to the 12.5 million email addresses in first four hours.

First of all, it’s developers uses ‘.scarab’ file extension to locked files but later it was updated on November 23rd, 2017 and started to use ‘.scorpio’ suffix to the end of files name and makes them inaccessible. The latter version usually locks file by appending [email protected] file extension. After encrypting files, it prevent Computer users from opening their all stored files. Once damaging files completely, it automatically downloads and opens the ransom note entitled as “IF YOU WANT TO GT ALL YOUR FILES BACK, PLEASE READ THIS.TXT”. But this threatening ransom message does not reveal about the size and amount of ransom fee. Through ransom note, victims are highly supposed to contact with the cyber criminals via displayed or provided email address.

To Know More About Scarab ransomware, Visit It’s Wikipedia Link –

Transmission Strategies Used By Scarab ransomware

The beginning of the Scarab ransomware distribution was recorded at wide range on November 23rd that mostly targeted the Australia, Germany, France and United Kingdom. The creators of such a ransomware are excellent in the social engineering tactics and they know very well how to convince System user into opening the malicious or infected attachment. It’s payload is generally included into emails with the fake images of the scanned documents having various subject lines including Scanned from Epson, Scanned from Lexmark, Scanned from Canon, Scanned from HP etc. The spoofed sender’s name usually follow the [email protected]’s email domain scheme. However, System users are highly advised to be cautious while opening any spam attachments or messages.

Safeguard Tips Against Scarab ransomware

Once getting familiar with the infiltration channel of Scarab ransomware, you can easily avoid your Computer by opting some safeguard tips that listed below :

  1. Always be cautious of any unknown or uninvited document that sent over an email.
  2. Avoid to click on any link that appear on your screen from unverifying or untrusted source.
  3. Keep an excellent backup routine to save your all valuable data.
  4. Keep your Operating System and installed application always up-to-date.
  5. Use an appropriate, trusted and legitimate anti-virus tool on your Windows PC.


To Delete Scarab ransomware, You May Also Visit –


Leave a Comment

Your email address will not be published. Required fields are marked *