Results for GandCrab ransomware

Threat Research

GandCrab Threat Actors Retire...Maybe

In a surprising announcement two weeks ago, the threat group behind the malware operation GandCrab announced that they had shut down their operations. Learn more about if they are actually retiring.

By Joie SalvioJune 24, 2019

Threat Research

A Chronology of GandCrab v4.x

During the past two months, FortiGuard Labs has been monitoring an onslaught of updates from GandCrab as a result of their agile development method. Some of these updates included major changes, while some only had minimal. In the midst of this, a series of tit-for-tat exchanges were witnessed by many researchers between the ransomware authors and the South Korean-based security company Ahnlab over the vaccine tools that the latter released in mid-July.

By Joie SalvioAugust 27, 2018

Threat Research

GandCrab v4.1 Ransomware and the Speculated SMB Exploit Spreader

Only two days after the release of GandCrab 4.0, FortiGuard Labs found a newer version (v4.1) being distributed using the same method, which is through compromised websites disguised as download sites for cracked applications.

By Joie SalvioJuly 12, 2018

Threat Research

GandCrab V4.0 Analysis: New Shell, Same Old Menace

It has been over two months since GandCrab has undergone a major update. While this latest version includes an overhaul in terms of the code structure, its major purposes are practically the same.

By Joie SalvioJuly 09, 2018

Threat Research

GandCrab V3 Accidentally Locks Systems with New ‘Change Wallpaper’ Feature

GandCrab is one of the most talked about ransomware families this year primarily due to its increasing distribution volume, as we described in our previous article. At the end of last month, FortiGuard Labs discovered a new spam wave from the same campaign delivering the latest version, GandCrab v3.

By Joie SalvioMay 04, 2018

Threat Research

GandCrab 2.1 Ransomware on the Rise with New Spam Campaign

Recently, FortiGuard Labs has been observing a surge in an email spam campaign delivering the latest GandCrab v2.1 ransomware. This article provides a basic overview of this malicious campaign, and points out details that can help users identify it.