A group of web application security testing experts has released a new version of the tool to remove the encryption imposed by the GandCrab ransomware; according to experts, this new tool could help millions of encryption malware victims unlock their files without having to negotiate a ransom with hackers.
GandCrab is one of the most recently active
ransomware variants; since its detection in January 2018, experts estimate that
it has infected more than 1.5 million computer equipments.
This new version of the decryption
tool was created by security firm BitDefender and, according to web
application security testing experts it can unlock files encrypted with the
latest versions of GandCrab (5.0 to 5.2), as well as the previous versions of
the malware.
Multiple information security companies and law
enforcement agencies teamed up a couple of years ago to form the organization
known as No More Ransom; firms such as BitDefender work in conjunction with the
FBI, Europol,
London Police, among others, to help individuals and companies impacted by ransomware
attacks.
Through No More Ransom, cybersecurity firms
have released different versions of software to remove GandCrab encryption,
benefiting more than 30k ransomware victims and cutting funds for
cybercriminals for up to $50 million USD.
This joint work to eradicate ransomware begins
to get its reward; according to the web application security testing experts
from the International Institute of Cyber Security (IICS), GandCrab developers
have abandoned their operations in what is known as ransomware-as-a-service, through
which anybody could hire a ransomware attack against companies or individuals.
“We have removed the main source of revenue for GandCrab developers”,
the experts mention.
To keep fighting ransomware, experts mention
some basic security tips to prevent such infections in the future:
- Beware
of phishing: Do not open unsolicited or dubious files you receive by email; you
should also avoid clicking on the links attached to these files - Back
up: Try to have backups of your most important files to minimize losses in a
possible ransomware attack - Rely
on a security tool: Updated antivirus software will always provide an
additional security layer for users
