GandCrab is encrypting ransomware, first discovered in January 2018, that demands payment in the DASH cryptocurrency.

History

The first version of GandCrab was discovered at the end of January 2018[1]: 155. In February, Bitdefender released a decryption tool to recover files that were encrypted by the first version of GandCrab. By the end of February, more than seven subversions had been found[2]. On March 6, version 2 was detected, which used new extensions[1]: 155.

On June 1, 2019, the creators of GandCrab announced that they were shutting down their operation and would delete all decryption keys[3]. On 17 June 2019, the FBI released a decryption tool for all versions of GandCrab[4].

Impact

GandCrab is distributed via spam emails, exploit kits, and other vectors[5]. The GrandSoft and RIG exploit kits are most commonly used to distribute it[6]. As of June 2019, GandCrab has affected more than 1.5 million computers[7].

References

  1. Lemmou, Yassine; Souidi, El Mamoun (2018). "Inside GandCrab Ransomware". Cryptology and Network Security. Cham: Springer International Publishing. doi:10.1007/978-3-030-00434-7_8. ISBN 978-3-030-00433-0. ISSN 0302-9743.
  2. Abrams, Lawrence (February 28, 2018). "EITest HoeflerText Scam Distributing GandCrab & Netsupport Manager". BleepingComputer. Retrieved October 20, 2019.
  3. Cimpanu, Catalin (June 1, 2019). "GandCrab ransomware operation says it's shutting down". ZDNet. Retrieved October 20, 2019.
  4. Abrams, Lawrence (July 16, 2019). "FBI Releases Master Decryption Keys for GandCrab Ransomware". BleepingComputer. Retrieved October 20, 2019.
  5. "The GandCrab Ransomware Mindset". Check Point Research. March 13, 2018. Retrieved April 11, 2019.
  6. "GandCrab ransomware distributed by RIG and GrandSoft exploit kits". Information Security Newspaper. January 31, 2018. Retrieved October 20, 2019.
  7. "GandCrab Ransomware Decryption Tool [All Versions]". The Hacker News. Retrieved October 20, 2019.
