Sunday, May 28, 2023

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About Us
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Hot Topics
  • BSidesSF 2023 - Alexis Hancock - HSMs in Plain Envelopes: A Code Signing Story
  • Is Your SIEM Strategy Failing You? Here’s Why AI-Powered XDR Might Be The Answer
  • Live phishing tests not getting the results you want? Here’s what to do.
  • BSidesSF 2023 - Leif Dreizler - Tracking Meaningful Security Product Metrics
  • The Developer’s Guide to Mobile Authentication
Data Security SBN News Security Bloggers Network 

Home » Cybersecurity » Data Security » Files Encrypted by GandCrab Ransomware Can Now Be Decrypted for Free

SBN

Files Encrypted by GandCrab Ransomware Can Now Be Decrypted for Free

by Tripwire Guest Authors on October 25, 2018

GandCrab has become one of the most devastating, and hence most successful, ransomware families of 2018. Alongside the Dharma cryptovirus family, GandCrab has enslaved the files of millions of users in a number of active campaigns via several iterations. This is the list of all the versions of the ransomware:

DevOps ConnectSponsorships Available
  • GandCrab .GDCB
  • GandCrab .CRAB (v2)
  • GandCrab .CRAB (v2.1)
  • GandCrab .CRAB (v3)
  • GandCrab .KRAB (v4)
  • GandCrab .krab (v4.1)
  • GandCrab V5.0
  • GandCrab 5.0.1.
  • GandCrab 5.0.2.
  • GandCrab 5.0.3.
  • GandCrab 5.0.4.

GandCrab Decryption Tool Now Available

Fortunately for all the victims, GandCrab’s story is coming to an end – BitDefender researchers have come up with a free decryption tool that uses an RSA-2048 private key. The tool recovers files affected by GandCrab ransomware. Such files can be recognized by the extensions the ransomware appends to compromised files as well as via the ransom note.

As noted by the researchers, for this solution to work, you should have at least one ransom note on your computer. This ransom note is required to recover the decryption key, meaning that you should not deploy a clean-up program which typically detects and removes these notes. Specific instructions on how to decrypt files encrypted by Gandcrab for free are also available.

GandCrab Decryptor Comes After Keys for Syrian Citizens Were Released

The news about the free decryptor arrives shortly after the ransomware authors released decryption keys specifically for citizens of Syria. This occurred after a Syrian victim asked for help with the recovery of his encrypted data in a tweet. Photographs of his deceased children, casualties of the civil war in Syria, were among the files affected by the ransomware. Eventually, GandCrab’s operators noticed the tweet and responded with a post on a forum, which stated that keys (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/featured/files-encrypted-by-gandcrab-ransomware-can-now-be-decrypted-for-free/

October 25, 2018October 25, 2018 Tripwire Guest Authors Decryption, Featured Articles, gandcrab, IT Security and Data Protection, Latest Security News, Ransomware
  • ← Netsparker’s Web Security Scan Statistics for 2018
  • Unveiling the Threats You Can’t See: Cybersecurity Advice for the Trucking Industry →

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Sun 28

Simplify, Secure, Strengthen: Implementing Zero-Trust Across Your Endpoints

May 17 @ 1:00 pm - July 12 @ 2:00 pm
Tue 30

Malicious Packages Special Report: Attacks Move Beyond Vulnerabilities

May 30 @ 1:00 pm - 2:00 pm
Jun 05

Securing Open Source

June 5 @ 1:00 pm - 2:00 pm
Jun 08

ActiveState Workshop: Building Secure and Reproducible Open Source Runtimes

June 8 @ 1:00 pm - 2:00 pm
Jun 13

Uncovering the Hidden Cybersecurity Threat in Your Organization

June 13 @ 1:00 pm - 2:00 pm
Jun 14

Enrich Security Investigations With ServiceNow Asset Data in Snowflake

June 14 @ 3:00 pm - July 24 @ 4:00 pm
Jun 15

Securing Containers & Kubernetes With AWS And Calico

June 15 @ 3:00 pm - 4:30 pm
Jun 22

Strange Bedfellows: Software, Security and the Law

June 22 @ 11:00 am - 12:00 pm
Jun 22

Sneak Peek: Cloud Security Prioritized With Sonrai

June 22 @ 1:00 pm - 2:00 pm
Jun 22

Unleash the Potential of Your Log and Event Data, Including AI’s Growing Impact

June 22 @ 3:00 pm - 4:00 pm

More Webinars

Subscribe to our Newsletters

TSTV Podcast

Most Read on the Boulevard

‘BrutePrint’ Unlocks Android Phones — Chinese Researchers
3 Ways to Streamline Auth, Access & Security for Oracle EBS
Dell Launches Project Fort Zero Service to Accelerate Zero-Trust IT Shift
The Security Maturity Improvement Imperative
Three Biggest Issues Driving Cybersecurity
Shopify Stores Privacy Policy: What you need to know?
SuperMailer Abuse Explodes, Now Responsible for 14% of All Credential Phish Discovered in Inboxes
Salt Labs exposes a new vulnerability in popular OAuth framework, used in hundreds of online services
GUEST ESSAY: A primer on NIST 207A — guidance for adding ZTNA to cloud-native platforms
Critical Vulnerability in Zyxel Network Appliances Exploited, PoC Scripts Circulating

Download Free eBook

The State of Cloud Native Security 2020

Industry Spotlight

Dell Launches Project Fort Zero Service to Accelerate Zero-Trust IT Shift
Cybersecurity Data Security Featured Governance, Risk & Compliance Incident Response Industry Spotlight News Security Boulevard (Original) Spotlight 

Dell Launches Project Fort Zero Service to Accelerate Zero-Trust IT Shift

May 23, 2023 Michael Vizard | 4 days ago 0
Facebook Fined $1.3B — Zuckerberg Furious in GDPR Fight
Application Security Cloud Security Cloud Security Cyberlaw Cybersecurity Data Security DevOps Editorial Calendar Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Incident Response Industry Spotlight Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Security Operations Social Engineering Spotlight Threats & Breaches 

Facebook Fined $1.3B — Zuckerberg Furious in GDPR Fight

May 22, 2023 Richi Jennings | May 22 0
Google Chrome 3rd Party Cookies Crumbling — Finally!
Analytics & Intelligence API Security Application Security Cloud Security Cloud Security Cyberlaw Cybersecurity Data Security DevOps Editorial Calendar Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Industry Spotlight Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Security Operations Spotlight Threat Intelligence Threats & Breaches 

Google Chrome 3rd Party Cookies Crumbling — Finally!

May 19, 2023 Richi Jennings | May 19 0

Top Stories

COSMICENERGY: ‘Russian’ Threat to Power Grids ICS/OT
Analytics & Intelligence API Security Cloud Security Cyberlaw Cybersecurity Editorial Calendar Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Incident Response IOT IoT & ICS Security Malware Most Read This Week Network Security News Popular Post Security Boulevard (Original) Security Operations Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

COSMICENERGY: ‘Russian’ Threat to Power Grids ICS/OT

May 26, 2023 Richi Jennings | 1 day ago 0
Federal Appellate Court Approves ‘Pretext’ Border Search
Cyberlaw Cybersecurity Data Security Featured Governance, Risk & Compliance Identity & Access News Security Boulevard (Original) 

Federal Appellate Court Approves ‘Pretext’ Border Search

May 26, 2023 Mark Rasch | 1 day ago 0
U.S.-South Korea Forge Strategic Cybersecurity Framework
Cybersecurity Featured Governance, Risk & Compliance News Security Boulevard (Original) Spotlight Threat Intelligence 

U.S.-South Korea Forge Strategic Cybersecurity Framework

May 25, 2023 Christopher Burgess | 2 days ago 0

Security Humor

Daniel Stori's ‘# $ To Devops Or Not To Devops’

Daniel Stori’s ‘# $ To Devops Or Not To Devops’

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2023 Techstrong Group Inc. All rights reserved.