Gandcrab Ransomware Declawed As Researchers Unleash Free Decryption Tool

Crab Claw
Security researchers at Bitdefender have updated a decryption tool to deal with the latest version of GandCrab, a popular form of ransomware that its authors sold to clients on the dark web for a supposedly enormous profit. The decryption tool is free, and could potentially save a GandCrab victim from a major headache

Bitdefender estimates that GandCrab has claimed more than 1.5 million victims around the globe in more than a year of operation. That includes both home users and corporations. In a recent farewell post, the ransomware's authors said GandCrab netted its nefarious clients around $2 billion, earning the hacking group "more than $150 million per year."

"We have proven that be doing evil deeds, retribution does not come. We proved that in a year you can earn money for a lifetime. We have proved that it is possible to become number one not in our own words, but in recognition of other people," the hackers wrote in a forum post.

Bitdefender believes the $2 billion figure is "clearly exaggerated," but notes that GandCrab was prolific enough to allow its authors to retire.

It was hoped at the time of the farewell message that the hacking group responsible would make available a decryption tool of its own. However, it does not appear that it did. Fortunately for those affected, the latest update to Bitdefender's tool is capable of neutralizing the latest versions of GandCrab, including version 5.2.

Researchers believe GandCrab is based in the former Soviet space, with its victims spread around the world. In less than a year, GandCrab became the most widespread ransomware—it's estimated to have accounted for around half of all ransomware infections.

If you are infected, head over to NoMoreRansom.org to download the latest version of the decryption tool. The same site also contains links to decryption tools for other types of ransomware, including GetCrypt, MegaLocker, ZQ, and others.

Image Source: Pixabay (nbostanova)
Show comments blog comments powered by Disqus