Researchers in the field of cybersecurity has released an updated version of the GandCrab ransomware decryption tool, which could enable millions of users to decrypt their encrypted files without paying a ransom to cybercriminals.
GandCrab is one of the most prolific ransomware families to date, having infected more than 1.5 million computers since its introduction in January 2018.
BitDefender’s new GandCrab decryption tool [download] can now decrypt files encrypted by the most recent ransomware versions, 5.0 to 5.2, as well as older GandCrab ransomware versions.
As part of the “No More Ransom” Project, BitDefender collaborates with the FBI, Europol, London Police, and several other international law enforcement agencies to assist ransomware victims.
In recent months, the cybersecurity company released ransomware removal tools for some older versions of GandCrab, allowing nearly 30,000 victims to recover their data for free and saving approximately $50 million in unpaid ransoms.
The creators of GandCrab have recently announced the retirement of their Ransomware-as-a-Service (RaaS) operations, which enabled criminal hackers affiliated with organized crime to extort over $2 billion from victims.
While the number is exaggerated, the GandCrab operation was profitable enough to allow its masters to retire, according to BitDefender researchers. “The shutdown will be followed by the deletion of all keys, making it impossible for victims to retrieve ransomware-encrypted data, even if they pay the ransom.”
“Launched in January 2018, GandCrab quickly became the hacker tool of choice for affiliate-based ransomware, holding a 50 percent market share by mid-2018,” Europol explained.
“Set up as a ransomware-as-a-service licensing model, distributors could purchase the ransomware on dark web markets and distribute it to victims. In exchange, they would give the GandCrab developers 40% of their profits and keep 60% for themselves.”
The majority of computer viruses gain access to your systems due to a lack of basic security measures. Here are some simple precautions you should always take to protect your computer from ransomware attacks:
- Beware of Phishing Emails – Always be wary of unsolicited documents sent via email, and never click on links within these documents without first verifying their source.
- Regular Backups — To always have a firm grasp on all your important files and documents, implement a reliable backup routine that copies them to an external storage device that is not permanently connected to your PC.
- Maintain an Up-to-Date Antivirus Software and System — Always maintain an up-to-date antivirus software and system to protect against the most recent threats.
