Scorpio ransomware

Scorpio Encrypts the files on the compromised computer asking it’s owner to pay in BitCoin in order to get them back. The files encrypted with the .scorpio file extension added after them. The ransom note remains the same as with the .scarab file virus.

Distribution Method: Spam Emails, Email Attachments, Executable files

Scorpio Ransomware marks the files encrypted by the attack adding a specific extension to the end of each file’s name. The Scorpio Ransomware also will encrypt the affected files’ names, replacing them with what appears to be a string of random characters. The

Scorpio Ransomware’s ransom note is contained in a text file with the following name: ‘IF_YOU_WANT_TO_GET_ALL_YOUR_FILES_BACK_PLEASE_READ_THIS.TXT.’ The full text of the Scorpio Ransomware ransom note reads:
——————————————————————————————————————-
‘*** IF YOU WANT TO GET ALL YOUR FILES BACK, PLEASE READ THIS ***
Your files are now encrypted!
—–BEGIN PERSONAL IDENTIFIER—–
**************************************
—–END PERSONAL IDENTIFIER—–
All your files have been encrypted due to a security problem with your PC.
Now you should send us email with your personal identifier.
This email will be as confirmation you are ready to pay for decryption key.
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us.
After payment we will send you the decryption tool that will decrypt all your files.
Contact us using this email address: qa458@yandex.ru
Free decryption as guarantee!
Before paying you can send us up to 3 files for free decryption.
The total size of files must be less than 5Mb (non archived), and files should not contain valuable information (databases, backups, large excel sheets, etc.).
How to obtain Bitcoins?
* The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click
‘Buy bitcoins’, and select the seller by payment method and price:
hxxps://localbitcoins.com/buy_bitcoins
* Also you can find other places to buy Bitcoins and beginners guide here:
hxxp://www.coindesk.com/information/how-can-i-buy-bitcoins
Attention!
* Do not rename encrypted files.
* Do not try to decrypt your data using third party software, it may cause permanent data loss.
* Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.’
——————————————————————————————————————-

We do not recommend you to follow cybercriminals’ instructions because they do not provide any guarantees to you, besides, think about the consequences – paying the ransom simply allows criminals to fund their further illegal projects. Unfortunately, the files affected by the Scorpio Ransomware attack are not recoverable. Your best bet is to recover all of your files using Max Total Security Backup/Restore tool if you had this software installed on your PC, IF you did not , it is never late to start using it now and have a total peace of mind.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>