6.5 C
New York
Friday, July 30, 2021

The author of the GandCrab ransomware is retiring

Over two billion dollars paid by victims affected by the GandCrab ransomware: the author greets everyone and enjoys the rich pension.

Must Read

Aakash Molpariya
Aakash started in Nov 2018 as a writer at Revyuh.com. Since joining, as writer, he is mainly responsible for Software, Science, programming, system administration and the Technology ecosystem, but due to his versatility he is used for everything possible. He writes about topics ranging from AI to hardware to games, stands in front of and behind the camera, creates creative product images and much more. He is a trained IT systems engineer and has studied computer science. By the way, he is enthusiastic about his own small projects in game development, hardware-handicraft, digital art, gaming and music. Email: aakash (at) revyuh (dot) com

fter just over a year and a half of activity, the claws of the  GandCrab ransomware loosen their grip and its managers announce their intention to retire (or devote themselves to the next threat). Identified for the first time by the Bitdefender researchers on January 28, 2018, it hit about 1.5 million unfortunate victims asking them to pay a ransom to get back the files taken hostage.

ZOMBIELOAD: Intel microcode for Windows v1809 / v1803 is available

The GandCrab ransomware loosens its grip

The origin is probably Russian. His particular way of working, more similar to that of a structured company than the modus operandi of a group of cyber criminals: access to ransomware was sold on underground circuits, with a sort of license agreement (ransomware) as-a-service) which required buyers to pay the author an affiliation fee of 40% of the proceeds of the redemptions. An enormous turnover, estimated by the same managers in over 2 billion dollars, for gains quantified on average in more than 2.5 million dollars every week. The author (or authors) claims to have personally pocketed over 150 million dollars, money already laundered and invested in legal, online and real world businesses.

Microsoft Hyper-V Server 2019 released

The announcement is the one shown in the screenshot above: affiliates are asked to interrupt the activity within 20 days and the victims  not to proceed with the payment of the ransom beyond the deadline, since in any case it would be impossible to re-establish access to the blocked files. Fortunately, the No More Ransom website,  managed by some companies active in the cybersecurity sector, provides a free tool to get around the obstacle.

This is the screenshot of a system affected by the ransomware action, with an explicit payment request for $ 9,700, to be made in cryptocurrency, chosen from Bitcoin  or DASH. All accompanied by images of the Mr. Krab character from the SpongeBob series. According to studies conducted by Bitdefender, it has affected about 1.5 million devices in a year and a half, without distinction in the consumer and professional sphere. The amount requested was not always the same: ranging from $ 600 for a single computer to 10,000 for a server, reaching 700,000 in some cases related to the enterprise world.

Such a complex and complex operation that GandCrab has been updated over time with the inclusion of new features and systems to circumvent antivirus control. A support chat has even been set up for the victims, so they could ask affiliates for a discount, as the picture above shows.

The new bug that affects computers that update to the latest version of Windows 10

- Advertisement -


Please enter your comment!
Please enter your name here

- Advertisement -

Latest News

Moderna Covid vaccine causes pus-filled lumps on men’s faces – New but rare side effect

In a rare side effect, men developed pus-filled lumps on their faces after receiving the Covid vaccine. Following a dose...
- Advertisement -

More Articles Like This

- Advertisement -