GandCrab Ransomware is Attacking Unprotected PC and Grabbing Money in Many Countries


The GandCrab ransomware has been famous for adding Syria and other war-torn areas to the white list of affected areas. It is called “Grand Theft Virus.”

GandCrab v5.2 is attacking Brazil, the United States, China, India, Indonesia and Pakistan and many other countries. It is developing to similar scale of WannaCry ransomware in 2017.

It is reported that the government agencies, universities, enterprises, and research institutions in China have become the targets of the GandCrab ransom virus family. Up to now, Yiling District Government of Yichang City, Hubei Province, Institute of Metal Research, Chinese Academy of Sciences, Yunnan Normal University, and Dalian Municipal Public Security Governments, enterprises, and universities have issued announcements on their official websites to prevent virus attacks.

As a rising “blackmail” virus, the GandCrab ransom virus has grown rapidly since it was released in 2018. A large number of files on Windows servers are encrypted and corrupted. The ever-evolving spread methods greatly reveal that its development momentum is rapid. The hackers have been using various ways such as U disk worms, downloaders, remote desktop blasting, eternal blue loopholes, webpage hang horses, etc. to spread the ransomware. Recently, mail attack becomes hackers’ favorite way to attack victims.

The attackers send the fake email to the victims and guide them to download the unknown attachment in the email. Once users click on malicious link or download attachment, the ransomware can then immediately encrypt the victim’s host hard drive data and demands the victim to pay the ransom.

In order to increase the infected area and increase income, the GandCrab behind-the-scenes team also used the “ransomwareas-a-service” method in the dark network to sell the V5.2 version of the virus to the hackers, which was provided by the GandCrab team. Viruses, hackers choose targets to attack and blackmail the world. After the attack is successful, the GandCrab team will extract 30%-40% of profits. In order to collect money, it can be described as omnipotent.

Tips to Prevent Ransomware
1. Install powerful security software to defend against GandCrab ransomware and powerful killing, and protect personal data and property security in all aspects.
2. Improve safety management awareness, close unnecessary ports and share files.
3. Install patches to the system in time, repair server systems and web application vulnerabilities, use strong server login passwords and web application background login passwords to prevent attackers from attacking servers through exploits or weak password blasting.
4. Remember not to click on emails from unknown sources. Enterprise mail servers can try to deploy email security gateways, upgrade security policies, and pull such emails into spam blacklists to implement defenses.

Published by on April 13, 2019 9:11 am, last updated on April 12, 2019 9:11 am

Leave a Reply

Problems with your PC, Mac or mobile device?

Live Chat Now

Thanks for using YooCare Services!

Here're some of the support team members who are passionate about their works and support our customers 24/7.

As Seen On