Got that itchy GandCrab feeling? Ransomware decryptor offers relief

Claw back your stuff without paying asshat for pricey cracker

By John Leyden

Posted in Security, 28th February 2018 14:27 GMT

White hats have released a free decryption tool for GandCrab ransomware, preventing the nasty spreaders of the DIY malware from asking their victims for money.

GandCrab has been spreading since January 2018 via malicious advertisements that lead to the RIG exploit kit landing pages or via crafted email messages impersonating other senders, infecting an estimated 53,000 computers in the process.

In exchange for the decryptor, the crooks behind GandCrab ask for a ransom of anywhere between hundreds and hundreds of thousands of dollars in DASH, a crypto-currency that has just made its debut in cybercrime. The developers of GandCrab use a ransomware-as-a-service business model that allows people with little technical skill to get a piece of the action.

Ransomware demands tied to GandCrab infections have reached up to an exorbitant $600,000+, orders of magnitude higher than is common in ransomware scams. Ransomware scammers more typically demand between $300 and $500.

The newly developed (free) antidote works for all known versions of the ransomware. The nasty encrypts personal data on victims’ machines.

Security firm Bitdefender developed the GandCrab ransomware decryption tool in collaboration with Europol and Romanian Police. The effort is the latest under the No More Ransom project.

No More Ransom was launched in July 2016, introducing a new level of cooperation between law enforcement and the private sector to fight ransomware. ®

Sign up to our NewsletterGet IT in your inbox daily

6 Comments

More from The Register

Microsoft emergency update: Malware Engine needs, erm, malware protection

Stop appreciating the irony and go install the patch now

Cash-machine-draining €1bn cybercrime kingpin suspect cuffed by plod

Bod accused of masterminding malware attacks on banks around the world

Brit police forces spend peanuts on cybercrime training

£1.3m over three years? Get with the times, plod

Microsoft patched more Malware Protection Engine bugs last week

Redmond's out-of-band advisory landed after the bugs were fixed

Microsoft says: Lock down your software supply chain before the malware scum get in

Stealthy attack code spotted going after payment systems

Security bods liberate EITest malware slaves

Miscreants' command and control network traffic sent down sinkhole

Hey, govt hacker bod. Made some really nasty malware? Don't be upset if it returns to bite you

RSA 2018 Cough, cough, EternalBlue, cough, cough Wannacry, splutter, Stuxnet

Infosec brainiacs release public dataset to classify new malware using AI

Data is the secret sauce to advancing AI research

Crumbs! Crunchyroll distributed malware for a couple of hours

Anime-streamer is fine again, and disinfection is easy

Researchers create AI attacker to defeat AI malware defender

It's like Spy Vs Spy, but with neural network boffins