Almost a year and a half after the release of the GandCrab malware, its operators decided to close down their business and instructed their partners to stop spreading the program.GandCrab arrived in the cybercriminal world on January 28, 2018. This ransomware replaced such infamous cryptographers as TeslaCrypt, CryptoWall and Spora, and became one of the dominant, if not the most dominant, ransom software.
However, over the past few months, the number of GandCrab infections has begun to decrease, and recently, on the cybercriminal forum Exploit.in, malware operators published a notification about the termination of their business.
According to the report, the malware brought its operators about $2 billion (an average of $ 2.5 million per week). Net profit amounted to $150 million, which were withdrawn and invested in legal companies.
In this regard, further sales of GandCrab cease, and partners must stop its distribution within 20 days. Within one month, the topic dedicated to the malware will also be deleted from Exploit.in.
“We are leaving for a well-deserved retirement, we have proved that by doing evil deeds, retribution does not come.”, — said GandCrab operators.
Among other things, GandCrab operators warned their victims about the need to pay ransom immediately, because soon all the encryption keys will be deleted and files cannot be recovered.