The GandCrab ransomware decryptor has been released by the Romanian Police (IGPR) under the supervision of the General Prosecutor’s Office (DIICOT) and in collaboration with the internet security company Bitdefender and Europol.

Bitdefender has teamed up with Europol, the Romanian Police , and the Directorate for Investigating Organized Crime and Terrorism ( DIICOT ) to release a free decryption tool for the infamous GandCrab Ransomware

Early February experts at cyber security firm LMNTRIX have discovered a new ransomware-as-a-service dubbed GandCrab. advertised in Russian hacking community on the dark web.

The GandCrab was advertised in Russian hacking community, researchers noticed that authors leverage the RIG and GrandSoft exploit kits to distribute the malware. Partners are prohibited from targeting countries in the Commonwealth of Independent States (Azerbaijan, Armenia, Belarus, Kazakhstan, Kyrgyzstan, Moldova, Russia, Tajikistan, Turkmenistan, Uzbekistan and Ukraine).

It has been estimated that the GandCrab ransomware has managed to infect approximately 50,000 computers, most of them in Europe, in less than a month asking from each victim for ransoms of $400 to $700,000 in DASH cryptocurrency.

“As of today, a new decryption tool for victims of the GandCrab ransomware is available on www.nomoreransom.org. This tool has been released by the Romanian Police (IGPR) under the supervision of the General Prosecutor’s Office (DIICOT) and in collaboration with the internet security company Bitdefender and Europol.” reads the announcement published by the Europol.“First detected one month ago, GandCrab has already made 50 000 victims worldwide, a vast number of which in Europe, making it one of the most aggressive forms of ransomware so far this year.”

Victims of GandCrab ransomware thanks to Bitdefender and the European law enforcement can recover files without paying the ransom.

“Ransomware has become a billion-dollar cash cow for malware authors, and GandCrab is one of the highest bidders,” Bitdefender’s Senior Director of the Investigation and Forensics Unit, Catalin Cosoi says.

“We are glad to provide our technical expertise in fighting cyber-crime as our long-standing mission is to protect the world’s Internet users and organizations. In the near future, we expect ransomware developers to migrate towards mining and stealing cryptocurrency”

The tool is available on Bitdefender’s website here, and through No More Ransom here.

Pierluigi Paganini

(Security Affairs – GandCrab Ransomware, decryptor)

Share this...

Linkedin Reddit Pinterest

Share On