
On the cybercriminals behind the GandCrab ransomware did something unusual within the world of malware. They announced they were shutting down operations and potentially leaving millions of dollars on the table. “All good things come to an end” they wrote in a self-congratulatory post appearing on a notorious cybercrime forum. Since launching in January 2018, GandCrab’s authors claimed to have brought in over $2 billion in illicit ransom payments and it was time “for a well-deserved retirement.”

“We successfully cashed this money and legalized it in various spheres of white business both in real life and on the Internet,” the post continued. “We have proved that by doing evil deeds, retribution does not come.”

Affiliated partners, those who helped spread the ransomware for a share of the profits, were encouraged to shut down operations while victims were told to pay up now or lose their encrypted data forever. The post ended with a pithy thank you to everyone in the affiliate community for “all the hard work.”

While an entertaining humble brag, several questions remain unanswered. Did GandCrab’s creators actually earn as much money as they said they did? Who are these guys even and are they really retiring? More importantly, is the GandCrab ransomware still a threat to consumers? In this article we’ll attempt to answer all of those lingering questions, provide resources for victims, and put an epilogue on the story of GandCrab.

First observed in January of 2018, GandCrab ransomware is a type of malware that encrypts victims’ files and demands ransom payment in order to regain access to their data. GandCrab targets consumers and businesses with PCs running Microsoft Windows.