GandCrab attacks might stop in the near future

GandCrab ransomware is the first to accept DASH cryptocurrency

GandCrab is a dangerous cyber threat which is designed to encrypt important files on the targeted computer and demand a ransom. Victims are asked to pay 1.54 DASH within four days, or the amount of the payment will double. The information about the data encryption is presented in GDCB-DECRYPT.txt file which is considered to be the ransom note.

Since people whose computers are infected with GandCrab ransomware are unable to open files with .gdcb extension, they start feeling desperate and agree to make the transaction. However, such actions only motivate the criminals to invent new versions of their malicious programs.

Likewise, you should NOT pay the ransom under any circumstances. Note that the experts have not only developed an official GandCrab decryptor but also there are alternative data recovery methods which might help you get back the access to the encrypted files. Likewise, the era of this file-encrypting virus might come to an end.

Criminals hurried to release a new version of the ransomware — GandCrab2

Shortly after GandCrab hit the cyberspace, its developers upgraded the original version to GandCrab2. Even though both of the file-encrypting viruses are based on the same source code, there are slight changes which allow us to differentiate those two variants. Fortunately, both of them are decryptable with a professional decryption software.

The easiest way to recognize GandCrab2 ransomware is by the file extension it uses to lock the data — .CRAB. Additionally, the victims are no longer asked to pay an enormous 1.54 DASH ($1200) ransom for the decryptor. Now, the amount of the payment has decreased to $500 in DASH cryptocurrency.

Also, the information on how to decrypt files encoded by GandCrab2 is delivered in the same CRAB-DECRYPT.txt ransom-demanding message. However, remember that both versions of this cyber threat are decryptable with an official software which is generated by professional IT experts. Thus, you do NOT need to pay the criminals.

Ways how crypto-malware reaches its victims’ computers

Ransomware infections are highly sophisticated ones, so they usually do not act alone — the file-encrypting virus enters the targeted system with the help of RIG and GrandSoft Exploit kits. They are developed to identify vulnerabilities in the system and help infiltrate ransomware.

If you believe that such software was remotely infused into your computer, you are wrong. Usually, criminals send fake spam emails which hold a malicious attachment. Unfortunately, those letters look innocent, and people are often lured into clicking on file. This is the moment when the bogus program is delivered to your system.

Additionally, hackers try to create websites which insist on downloading fake Chrome Font Pack Updates to view the full content of the site. Sadly, this is another trick to make you manually install a malicious program on your system. Therefore, experts recommend you to pay extreme attention when browsing the Internet.

Learn how to uninstall GandCrab virus and recover your data

Since GandCrab decryptor is already here, there is no need to keep the virus on your system or agree to pay the ransom. On the contrary, you must get rid of it as soon as possible to start data recovery. However, we want to warn you that it is a complicated procedure and you should get assistance.

If you don’t have time to meet an IT specialist you can remove GandCrab with the help of the elimination instructions. Although, they might be tricky so you should not skip steps and read them attentively to avoid any further damage to your operating system.

Additionally, in case after GandCrab removal you are still unable to use the decryption software, try alternative recovery ways which are presented together with the elimination guidelines. We hope that the decryptor will help to bring this ransomware down.

Posted in support.