New tool to remove GandCrab ransomware encryption

A group of web application security testing experts has released a new version of the tool to remove the encryption imposed by the GandCrab ransomware; according to experts, this new tool could help millions of encryption malware victims unlock their files without having to negotiate a ransom with hackers.

GandCrab is one of the most recently active ransomware variants; since its detection in January 2018, experts estimate that it has infected more than 1.5 million computer equipments.

This new version of the decryption tool was created by security firm BitDefender and, according to web application security testing experts it can unlock files encrypted with the latest versions of GandCrab (5.0 to 5.2), as well as the previous versions of the malware.

Multiple information security companies and law enforcement agencies teamed up a couple of years ago to form the organization known as No More Ransom; firms such as BitDefender work in conjunction with the FBI, Europol, London Police, among others, to help individuals and companies impacted by ransomware attacks.

Through No More Ransom, cybersecurity firms have released different versions of software to remove GandCrab encryption, benefiting more than 30k ransomware victims and cutting funds for cybercriminals for up to $50 million USD.

This joint work to eradicate ransomware begins to get its reward; according to the web application security testing experts from the International Institute of Cyber Security (IICS), GandCrab developers have abandoned their operations in what is known as ransomware-as-a-service, through which anybody could hire a ransomware attack against companies or individuals. “We have removed the main source of revenue for GandCrab developers”, the experts mention.

To keep fighting ransomware, experts mention some basic security tips to prevent such infections in the future:

  • Beware of phishing: Do not open unsolicited or dubious files you receive by email; you should also avoid clicking on the links attached to these files
  • Back up: Try to have backups of your most important files to minimize losses in a possible ransomware attack
  • Rely on a security tool: Updated antivirus software will always provide an additional security layer for users