A warning to businesses to be on the lookout for the latest ransomware threat, “Scarab” which is making headlines in the UK and around the globe. This variant of the ransomware virus has become part of a large-scale email-based campaign that manages to slip past the defenses of some unsuspecting companies.
Scarab, is distributed through a malicious email campaign. The email uses the subject line “Scanned from {printer company name}. This is similar to a previous version of the Locky ransomware. The email contains a 7zip attachment that contains a VBScript downloader. The virus script has been found to contain several references to Game of Thrones.
Scarab is a relatively new ransomware family that was discovered back in June. Strangely, the note doesn’t specify the amount demanded, instead it tells you “the price depends on how fast you write to us.”
As with all ransomware, Scarab encrypts the victim’s files, making them irrevocable without payment. Most ransomware has a built-in file extension filter that will leave executable files intact.
While antivirus and firewalls are incredibly effective in reducing risk, you need a more robust security solution in place to defend against the increasingly dangerous threat landscape. To be fully protected, companies will need a proper, reliable backup and disaster recovery (BDR) solution with online and offline backup solutions as the ultimate failsafe against successful attacks.
You want to be vigilant in protecting yourself and your data on a daily basis. Some things to remember are:
- Backup that data. You can never backup too often.
- If you don’t who is sending an attachment, don’t open it.
- If it appears to be from someone you know, verify that they sent you one before opening.
- Install Windows updates as soon as you see them available. They are there for a reason.
- Make sure you are using passwords and don’t use the same password on multiple sites or more than once.
Unfortunately, no matter how strong the security solutions, attacks will continue to slip through the cracks. Therefore, MSPs and MSSPs who are looking to fully-protect their clients must implement a proper, reliable backup and disaster recovery (BDR) solution with online and offline backup solutions as the ultimate failsafe against successful attacks. Your data is important, don’t let some hacker take it away.