Collaborating with Europol, Romanian Police, FBI and others, cyber security company Bitdefender has released a decryption tool for recent versions of GandCrab – one of the world’s most prolific ransomware attacks lately.
The new decryption tool can decrypt data ransomed by versions 1, 4 and 5 of the GandCrab malware, as well as all versions of the ransomware for a limited set of victims in Syria.
“The release of this decryption tool is a spectacular breakthrough that highlights the effectiveness of collaboration between security vendors and law enforcement agencies,” said a Bitdefender spokesperson. “We have spent months on crypto-research and deployed considerable infrastructure to make this possible and help victims regain control of their digital lives at no cost.”
GandCrab has been highly active since January 2018, operating on an affiliate model. Its developers make the malware available As-a-service to interested parties in return for a share of the profits. This ransomware family spreads via multiple attack vectors, such as spam email, exploit kits and affiliated malware campaigns.
In 2018, GandCrab has undergone several makeovers, “particularly after Bitdefender released the v.1 decryption tool also developed collaboratively with local and international law enforcement agencies,” stated Bitdefender.