The latest version of the tool is functional for those who suffered ransomware infections between November 2018 and February 2019
Network security and ethical hacking
specialists from the International Institute of Cyber Security report the
launching of a new version of the tool to remove the encryption generated by
the GandCrab
ransomware (versions 5.04 to 5.1). These versions have been detected recently,
infecting thousands of victims since the end of 2018 until now.
The previous version of GandCrab Decryption,
launched in February 2018 and updated in October of the same year, was
functional to eliminate the encryption of GandCrab ransomware versions 1.x, 4.x,
up to 5.0.0. In other words, this tool is useful against most versions of the
ransomware, except 2.x and 3.x, the less common variants of this malware.
The tool could not appear at a better time,
consider specialists in network
security. GandCrab has recently been detected at the core of several
spam campaigns, including some targeted attacks. “We believe that GandCrab is
the most important cyber threat currently. This ransomware must gather around
40% of the ransomware market”, the experts mentioned.
In the most recent campaign of attacks,
ransomware operators have managed to access networks of some remote IT support
firms, infecting workstations of clients of these companies through remote
management tools used regularly by this kind of companies.
However, thanks to this new development, the
victims will be able to recover their files without having to negotiate a
payment with the malware operators.
Network security specialists estimate that this
tool to eliminate the encryption of GandCrab ransomware has been used by over
10k victims, which means cutting an income of more than $5M USD for campaign
operators. Campaign operators are expected to launch an updated version of the
ransomware, able to bypass the features of the new tool.
The hackers behind the ransomware GandCrab
continue to operate in freedom, offering access to this malicious software
through various hacking forums, mainly in Russian language.
The best way to protect you against any threat
from ransomware is to create physical and cloud security backups; if an
infection with encryption malware is present, organizations can use their backups
if the anti-encryption tools are not functional.
It is also advisable to create backup copies of
encrypted files in case one of the tools developed against the ransomware is
functional for that specific variant.
Interested users can download Bitdefender
GandCrab Decryption here.
