Bitdefender, Europol, Romanian and French Police, FBI Team up for Fourth GandCrab Decryptor
June 2019 by Bitdefender
Bitdefender unveils a new decryptor to counter the latest version of GandCrab ransomware. Delivered in partnership with Europol, Romanian Police, DIICOT, FBI, NCA and Metropolitan Police, as well as Police Offices in France, Bulgaria and other Law Enforcement agencies, the decryptor neutralizes the latest versions of GandCrab – the most prolific families of file-encrypting malware to date. The new tool lets victims regain access to the information lost to hackers, without paying ransom. The decryptor counters versions 1 and 4, as well as versions 5 through 5.2, the latest used by cyber-criminals.
The previous decryptors for the GandCrab ransomware released by Bitdefender and partner law enforcement agencies have helped more than 30,000 victims recover ransomed data and save more than 50 million dollars by not paying ransom.
GandCrab emerged in January 2018 and quickly gained traction due to its affiliate-based monetization scheme, reaching a whopping 50% share of the ransomware market by August 2018.
In recent interactions on private underground forums, the GandCrab operators claimed that they have extorted more than $2 billion from victims. The joint efforts of Bitdefender and partner law enforcement agencies have weakened the operators’ position on the market and prompted criminal affiliates to distrust the service, leading to the demise and shutdown of the operation.
“Our efforts in providing decryptors for GandCrab victims have weakened the ransomware operators by cutting off their monetization mechanisms,” said Bitdefender representatives. “In addition to delivering relief for victims, these efforts have contributed to establishing a positive mindset among new victims, who would rather wait for a new decryptor than give in to hackers’ ransom demands.” To prevent ransomware infections, users should implement a security solution with layered anti-ransomware defenses, regularly back up their data and avoid opening attachments delivered with unsolicited messages.
Bitdefender and its partner law enforcement agencies advise victims to not give in to the demands of ransomware operators. Instead, they should back up the encrypted information and notify police immediately.