Decryptor tool released for the notorious GandCrab ransomware let’s victim’s to unlock the files infected with any version of GandCrab. The tools are available to download form Bitdefender and No More Ransom Project.
Bitdefender, along with law enforcement agencies managed to offer several decryptors to help GandCrab victims get their data back for free.
“These tools totaled more than 30,000 successful decryptions and have saved victims roughly $US 50 MILLION in unpaid ransom,” also it cuts the ransomware operators monetization options.
GandCrab a Look Back
The ransomware strain first spotted in January 2018; it is the most sophisticated and continuously changing ransomware. It grabs more than 50% of infection in market share by August 2018.
It was sold by threat actors in the dark web to affiliates for infecting the victims, and to collect ransom payments from them. The affiliates need to give 40% of their profit to the GandCrab developers.
According to Bitdefender, GandCrab has infected more than 1.5 million victims around the world, both home users and corporations.
The ransomware was distributed through multiple vectors that include malicious spam emails, exploit kits, social Engineering methods, and other malware campaigns.
Starting this month, the threat actors posted an announcement says they have stopped promoting the ransomware and asked affiliates to stop distribution of ransomware within 20 days. Also, it urged victim’s to pay the ransom; else the key will get deleted.
GandCrab sets ransom payments based on the victim’s type, an average computer costs from $600 and $2,000 to decrypt, and server decryption costs $10,000 and more.
Ransomware has always been a threat for cybersecurity professionals, with new variants and types developed every day; this has become a never-ending routine for IT, administrators, to prevent them from causing havoc to their business.