New decryptor released to
counter latest version of
GandCrab ransomware
itdefender, a leading global
cybersecurity company
protecting over 500 million
systems worldwide, has unveiled a new
decryptor to counter the latest version of
GandCrab ransomware.
B
Delivered in partnership with Europol,
Romanian Police, DIICOT, FBI, NCA
and Metropolitan Police, as well as
police offices in France, Bulgaria and
other law enforcement agencies, the
decryptor neutralises the latest versions
of GandCrab – the most prolific families
of file-encrypting malware to date.
The new tool lets victims regain access
to the information lost to hackers,
without paying a ransom. The decryptor
counters versions 1 and 4, as well as
versions 5 through 5.2, the latest used
by cybercriminals.
The previous decryptors for the
GandCrab ransomware released by
Bitdefender and partner law enforcement
agencies have helped more than 30,000
victims recover ransomed data and save
more than US$50 million by not paying
the ransom.
GandCrab emerged in January 2018
and quickly gained traction due to its
affiliate-based monetisation scheme,
reaching a whopping 50% share of the
ransomware market by August 2018.
In recent interactions on private
underground forums, the GandCrab
operators claimed they have extorted
more than US$2 billion from victims.
The joint efforts of Bitdefender and
partner law enforcement agencies have
weakened the operators’ position on the
market and prompted criminal affiliates
to distrust the service, leading to the
demise and shutdown of the operation.
In a statement, Bitdefender said its
efforts in providing decryptors for
GandCrab victims have weakened
the ransomware operators by cutting
off their monetisation mechanisms. It
Efforts in providing
decryptors for
GandCrab victims
have weakened
the ransomware
operators by cutting
off their monetisation
mechanisms.
said: “In addition to delivering relief for
victims, these efforts have contributed
to establishing a positive mindset among
new victims, who would rather wait for a
new decryptor than give in to hackers’
ransom demands.”
To prevent ransomware infections, users
should implement a security solution
with layered anti-ransomware defences,
regularly back up their data and avoid
opening attachments delivered with
unsolicited messages.
The new decryption tool is available
immediately and can be downloaded
for free on Bitdefender Labs and the No
More Ransom Project. u
www.intelligentciso.com
|
Issue 15
57
Bitdefender and its partner law
enforcement agencies advise victims to
not give in to the demands of ransomware
operators. Instead, they should back
up the encrypted information and notify
police immediately.