There’s a new ransomware going around the web. Its named Gandcrab ransomware. Now, you didn’t know what is a ransomware let me tell you some brief definition of it.
What is a Ransomeware?
A ransomware just from its name “ransom” means its a crime that involves money and a hostage. Now this hostage is your files and software stored on the infected machine or PC. The victims files will get encrypted on some language that only the attacker can decryption keys. Meaning you cannot use these files because their system language has been altered to the root! If you have an image file, documents, videos, or anything these files would be unusable. And only the attacker can make it back to normal. Of course, your files are the hostage and the attacker will ask for money to get your files back normal just like this image below.
And no, you cannot bring them back to normal on your own. Even if you hire some top-notched computer security guy. They might be albe to crack the encrpytion but it will definitely take a lengthy amount of time and I mean lengthy I mean years of non-stop decryption. Well, I guess if you are lucky they you can call an FBI-network security guy then they might be able to fix it in no time.
What is GandCrab?
GandCrab ransomware Its a ransomeware virus that attacked more than 500,000 companies worldwide since July of 2018. And just last year it has attacked Vietname and most of Asian countries.
Where GandCrab Originated?
It’s not clear where this virus originated or who made it. On my personal opinion since its been attacking most of Asian countires it should something to do with our Chinese friends.
How to get infected with GandCrab?
- Gandcrab like most of the viruses disguised itself a legit file. Gandcrab displays as a legitimate archive file with a file name .rar it can get attached to emails and email server cannot detect it. The email containing the virus would be sent to companies employees. The victim opens the .rar file and it will start attacking the machine, encrypting everything on its sight.
How to get back the encrpyted files?
When GandCrab ransomware was opened it will start encrypting files on the victims PC and will open a window that asks for a ransom money ranges from USD400 – USD1,000. However, after the payment its not 100% sure you will get back your files.
How to prevent such attacks?
- Since this is fairly new kind of virus. It’s very hard to detect whether its a legitimate file or not. Anti-virus software cannot even detect is as a virus. Just don’t open random files on an email that came from someone you don’t know.
- Make sure you have anti-virus installed on your PC. Most ransomware or almost 90% or computer viruses can be detected with the help of an anti-virus software.
- Do not open malicious looking files. Especially from unknown email address.
- For more details on how to prevent such attacks visit this tips to avoid email scams.