GandCrab Ransomware decryption tool available for free

A new family of ransomware dubbed GandCrab has been making its rounds since January this year. Spreading via malicious advertisements leading to Rig Exploit Kit landing pages or via crafted e-mail messages impersonating recepits, GandCrab has managed to infect around 50K computers. In order to get the decryptor, the GandCrab operators ask for a ransom of anywhere between hundreds and hundred thousand dollars in DASH – a crypto-currency that just made its debut in cybercrime.

The good news is that now you can have your data back without paying a cent to the cyber-criminals, as Bitdefender has released a free utility that automates the data decryption process.

How to use the tool?

Step 1: Download the decryption utility provided by Bitdefender and save it somewhere on your computer. Please note that this tool requires an active internet connection. Without this prerequisite the decryption process won’t continue.

Download the GandCrab decryption tool

Step 2: Run the utility (which gets saved by default as BDGandCrabDecryptor.exe).

Step 3: Agree to the terms and conditions.

Step 4: Provide the tool with a path to your encrypted files or, alternatively, check the “Scan the entire system” option and press the “Scan” button. We strongly advise that you backup the files by selecting the “backup files” option.

Step5: At this point, your files should be decrypted. If you checked the backup option, you will see both the encrypted and the decrypted files.

If you encounter any issues, please contact us at via the e-mail address provided in the removal tool.


This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (

*** This is a Security Bloggers Network syndicated blog from Bitdefender Labs authored by Bogdan Botezatu. Read the original post at: