The GandCrab ransomware has been famous for adding Syria and other war-torn areas to the white list of affected areas. It is called “Grand Theft Virus.”
GandCrab v5.2 is attacking Brazil, the United States, China, India, Indonesia and Pakistan and many other countries. It is developing to similar scale of WannaCry ransomware in 2017.
It is reported that the government agencies, universities, enterprises, and research institutions in China have become the targets of the GandCrab ransom virus family. Up to now, Yiling District Government of Yichang City, Hubei Province, Institute of Metal Research, Chinese Academy of Sciences, Yunnan Normal University, and Dalian Municipal Public Security Governments, enterprises, and universities have issued announcements on their official websites to prevent virus attacks.
As a rising “blackmail” virus, the GandCrab ransom virus has grown rapidly since it was released in 2018. A large number of files on Windows servers are encrypted and corrupted. The ever-evolving spread methods greatly reveal that its development momentum is rapid. The hackers have been using various ways such as U disk worms, downloaders, remote desktop blasting, eternal blue loopholes, webpage hang horses, etc. to spread the ransomware. Recently, mail attack becomes hackers’ favorite way to attack victims.
The attackers send the fake email to the victims and guide them to download the unknown attachment in the email. Once users click on malicious link or download attachment, the ransomware can then immediately encrypt the victim’s host hard drive data and demands the victim to pay the ransom.
In order to increase the infected area and increase income, the GandCrab behind-the-scenes team also used the “ransomwareas-a-service” method in the dark network to sell the V5.2 version of the virus to the hackers, which was provided by the GandCrab team. Viruses, hackers choose targets to attack and blackmail the world. After the attack is successful, the GandCrab team will extract 30%-40% of profits. In order to collect money, it can be described as omnipotent.
Tips to Prevent Ransomware
1. Install powerful security software to defend against GandCrab ransomware and powerful killing, and protect personal data and property security in all aspects.
2. Improve safety management awareness, close unnecessary ports and share files.
3. Install patches to the system in time, repair server systems and web application vulnerabilities, use strong server login passwords and web application background login passwords to prevent attackers from attacking servers through exploits or weak password blasting.
4. Remember not to click on emails from unknown sources. Enterprise mail servers can try to deploy email security gateways, upgrade security policies, and pull such emails into spam blacklists to implement defenses.
Published by Emerson L. Sullivan & last updated on April 12, 2019 9:11 am