Security experts finally defeated the GandCrab encryption

On the portal No More Ransom arrived decryptor to the latest version of GandCrab ransomware The utility can save from data destruction many thousands users who have suffered from attacks of the coder.

Representatives of Europol reported the appearance of a new decryptor on its website. They thanked for the help in the development of law enforcement services of nine countries, including the UK, Germany and the United States, as well as Bitdefender information security company.

Program works with GandCrab 1, 4 and all versions of the 5th version, including the newest 5.2, which came out simultaneously with the decryptor of the previous generation.

According to Europol, since the first antidote to the GandCrab appeared, it was possible to recover data of more than 30 thousand users. As a result, ransomware victims were able to save about $50 million.

“The most important thing is that united efforts of [experts from the project No More Ransom] have weakened the market position of the malware operators. In the end, this led to their decline and allowed law enforcement agencies to stop malicious activity”, – said law enforcement officials.

The creators of GandCrab announced the cessation of activity in early June 2019. According to the criminals, a year and a half of malware campaigns brought them a substantial profit, and now they expect to go into a legal business.

Attackers that supported the online portal for renting GandCrab gave their counterparties a month to withdraw funds. During the same time, the ransomware victims were recommended to pay the ransom – after a month, the criminals promised to remove all encryption keys, making it impossible to return the lost data.

Now users do not have to make a deal with fraudsters. Nevertheless, experts warn that a malicious person can still create serious problems, since even a temporary loss of access to critical data entails losses.

“Despite the end of GandCrab, ransomware remains a large threat to organisations, with several high-profile attacks in recent months highlighting the danger posed”, – remind in Europol.

Source: https://www.europol.europa.eu