Is ‘REvil’ the New GandCrab Ransomware?

The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead quietly regrouped behind a more exclusive and advanced ransomware program known variously as “REvil,” “Sodin,” and “Sodinokibi.”

Indiana county meets $130,000 ransomware demand, despite advice against payment

This is starting to become all too familiar. Officials in La Porte County, Indiana, agreed to pay $130,000 in bitcoin to alleviate the pain from a ransomware attack that affected two domain controllers, knocking network services offline, according to WSB-TV. While an insurer will cover $100,000 of that fee, the northern Indiana county is the latest local government to pay digital extortionists to unlock a compromised network amid a spree of similar incidents throughout the country. Attackers hit La Porte on July 6, deploying the Ryuk ransomware to disable the city’s computer network, website and email service systems. Versions of Ryuk, which the FBI said has had a “disproportionate impact” on small municipalities, also have been blamed for attacks on Georgia’s court system and on small towns in Florida. In this case, La Porte County leaders told WSB-TV they decided to pay the ransom after a decryption key provided by […]

The post Indiana county meets $130,000 ransomware demand, despite advice against payment appeared first on CyberScoop.

Researchers Release Decryptor that Works against GandCrab Version 5.2

Security researchers have released a decryptor that works against the latest variants of GandCrab ransomware, including version 5.2. On 17 June, Bitdefender announced that users can download the tool from the No More Ransom Project’s website. The…

Good riddance, GandCrab! We’re still fixing the mess you left behind.

On January 28th 2018, our analysts on watch saw a small blip pop up on the Bitdefender Threat Map. It was one of millions of blips we see daily here at Bitdefender, but that blip marked the birth of a new family of ransomware that would cause great pai…

Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware

For almost the past month, key computer systems serving the government of Baltimore, Md. have been held hostage by a ransomware strain known as “Robbinhood.” Media publications have cited sources saying the Robbinhood version that hit Baltimore city computers was powered by “Eternal Blue,” a hacking tool developed by the U.S. National Security Agency (NSA) and leaked online in 2017. But new analysis suggests that while Eternal Blue could have been used to spread the infection, the Robbinhood malware itself contains no traces of it.