In the recent past, Ransomware features have expanded to include data exfiltration, participation in distributed denial of service attacks (DDOS) & anti-detection components.
The malicious program employs sophisticated AES-256 & RSA-2018 encryption algorithm to lock personal information on targeted systems.
Amongst the many variants of this Ransomware the updated ones encrypt files by appending it with .RAP, .zzzzzzzz, .krab, .fast, .key, .ERROR, .skype, .hitler, .mammon, .walker, .please, .Recovery, .red, .osk, [email protected], .bomber etc.
The targeted files of this Ransomware attack include:
Unlike other Ransomware attacks, the virus soon after encryption places HOW TO RECOVER ENCRYPTED FILES ransom note in each of the affected folders.
The sacarb-krab Ransomware is known to be used in attacks on small businesses that use poorly protected remote desktop accounts & outdated software infrastructure.