HomeBlockchainSecurityGandcrab: a ransomware attack that steals Dash

Gandcrab: a ransomware attack that steals Dash

A new ransomware attack called Gandcrab is now around and is spreading via email, taking advantage of the past Valentine’s Day festivities.

In fact, in the subject of Gandcrab, we find phrases like “Wrote my thoughts down about you” or “Felt in love with you” and an attached file with the words “Love_You_2018”.

The ransomware attacks computers, encrypting all the files. To unlock them, the user will have to make a payment in crypto.

The analysis of the attack was made by the team of Mimecast who found that criminals have used services that provide ransomware like Ransomware-as-a-Service(RaaS).

This service allows you to exclude all PCs that use a Russian configuration of the keyboard, a clear signal that the attackers wanted to exclude Russian citizens, perhaps because the criminals are just inhabitants of the country.

The ransomware allows identifying the victim since each encrypted file is assigned a URL and a specific token to better identify the user affected.

The virus then redirects to a tool to decrypt the computer that can be paid either in Dash or in bitcoin. It is not recommended to make the payment as you are not sure that the files are actually recovered.

The positive thing, however, is that this type of ransomware has been operating for a long time and software for data recovery have been developed for previous versions of the virus, so most likely soon a new data recovery software will be prepared for this version 5.0.4 too.

Alfredo de Candia
Alfredo de Candia
Android developer for over 8 years with a dozen of developed apps, Alfredo at age 21 has climbed Mount Fuji following the saying: "He who climbs Mount Fuji once in his life is a wise man, who climbs him twice is a Crazy". Among his app we find a Japanese database, a spam and virus database, the most complete database on Anime and Manga series birthdays and a shitcoin database. Sunday Miner, Alfredo has a passion for crypto and is a fan of EOS.