Update from No More Ransom helps victims of GandCrab attacks

GrandCrab "surpassed all other strains of ransomware in 2018," says Europol, which helped the No More Ransom project develop the decryption tool with security company Bitdefender and other law enforcement agencies.
decrypt decryption key unlock ransomware
(Getty Images)

International authorities and the security company Bitdefender have released a new decryption tool meant to help people sidestep infections of the GandCrab ransomware, Europol announced Tuesday.

The No More Ransom software initiative, which first began in 2016, is now enabling GandCrab victims to unlock their files for free without meeting extortionists’ demands. The updated No More Ransom software released Tuesday remedies GandCrab versions 5.0.4 through 5.1, which have infected victims since November 2018.

“GandCrab has surpassed all other strains of ransomware in 2018, having infected over half a million victims since it was first detected in January last year,” Europol said in a statement.

This particular No More Ransom tool was developed by Bitdefender in collaboration with Romanian police, Europol, and law enforcement from throughout Europe, the U.S. and Canada.


Previous versions of the software have been downloaded more than 400,000 times, decrypting information for nearly 10,000 victims to the tune of some $5 million, Europol said. No More Ransom’s website lists tools for decrypting files locked by dozens of varieties of malware.

This GandCrab update follows a similar No More Ransom release helping users retrieve files locked by the Crykal ransomware, an update developed by international police and Kaspersky Lab.

GandCrab authors typically compromise victims via malvertising, by disguising the malware as a legitimate app, or by using brute force attacks to infiltrate target networks.

Latest Podcasts