Officially putting a halt to the GandCrab ransomware nightmare

An official announcement from Bitdefender and Europol states that they have successfully released the latest decryptor for the GandCrab ransomware, which has been a dangerous threat to many enterprises around the world over the past year.

Just like many decryptors that Bitdefender has built before, the decryption tool for the GandCrab ransomware could not be provided free, as there was still some vulnerability of the encryption algorithm. Instead, the security firm will cooperate with governments and state authorities of many countries to gain access to GandCrab's C&C servers, download the necessary decryption keys, and then use them to decrypt victims' files.

The GandCrab ransomware that once shocked the world

Since the GandCrab malware was released on 28th January 2018, many technology websites and security firms all over the world have been watching its every move. At that time, the malware had just begun to be distributed through a Ransomware-as-an-Affiliate system on underground hacker forums such as 

The GandCrab malware was distributed through the RIG exploit kit. Once it reached a victim's system, it would encrypt all the files stored on the computer, which made them unusable.


GandCrab ransom note

While it was in operation, the people behind GandCrab continually taunted and joked about many well-known security researchers. For instance, in the first release of the GandCrab ransomware, the hackers decided, as a challenge, to name the domains of their C&C (Command & Control) servers after the organizations and websites that were expected to be researching or looking into this ransomware, including:

- bleepingcomputer.bit

- nomoreransom.bit

- esetnod32.bit

- emsisoft.bit

- gandcrab.bit

Since then, security researchers and the people behind GandCrab have been fighting each other constantly. During this period, the researchers seemed to lag behind GandCrab's development on a global scale. It was not until the release of GandCrab version 5.2 (the last version) a few months ago that the global security community started to roll out extremely heavy counter-attacks. A large number of GandCrab's C&C servers were successfully hacked, and network security experts released plenty of specialized decryptors for this ransomware.

Finally, at the beginning of June, the people behind GandCrab announced that they were gradually shutting down the GandCrab ransomware after earning more than 2 billion dollars. With the criminal gang's announcement and the latest decryption key released by the experts, the nightmare called GandCrab has officially ended, and victims can now decrypt and regain access to their data.

Decryption tool for files encrypted by GandCrab

If you are a victim of the GandCrab ransomware v1, v4, or versions 5 to 5.2, you can now recover all the encrypted data without paying the ransom by using the decryption key updated by Bitdefender.

The latest decryption tool for the GandCrab ransomware

First, download the file BDGandCrabDecryptTool.exe here. Then open the program; you will be shown a license agreement, and you need to click the “accept” button to agree to its terms. The decryptor will begin to run, and your system must be connected to the internet in order to carry out the next steps. This is necessary because the decryptor needs to connect to the Bitdefender server to check for your key and download it.

Next, the screen will show the GandCrab decryption options as below. You can choose to decrypt all the encrypted data or decrypt manually by selecting specific files. The researchers recommend decrypting manually to ensure that the decryptor operates accurately without any serious problems.


Decryption options for GandCrab

After selecting the encrypted files, click Start Tool. The tool will start to download and decrypt the files. During the process, the decryptor will also search for and collect some specific information, which will be uploaded to the Bitdefender server. When the process ends, the decryptor will show you a message, along with a warning if any problem occurred.

The process of decrypting files encrypted by the GandCrab ransomware

If there are any problems, you can click the log link to automatically open the log file named %Temp%\BDRansomDecryptor\BDRansomDecryptor\BitdefenderLog.txt. The log file contains a summary of the decrypted files as well as the files that produced errors or could not be decrypted. Don’t worry: you just need to restart the program and decrypt the failed files again, or leave your questions at the GandCrab support forum.

Completing the GandCrab decryption process


Although the GandCrab ransomware attacks have ended, the people behind them remain unknown. Ransomware threats can be sophisticated and can break out at any time. However, this ending still seems to be a good one for everyone.