GandCrab Ransomware Shutting Down After Claiming to Earn $2.5 Billion
by ch3ckmate - June 04, 2019 at 01:26 AM
#1
Article: https://www.bleepingcomputer.com/news/se...5-billion/

Quote:After almost a year and a half, the operators behind the GandCrab Ransomware are shutting down their operation and affiliates are being told to stop distributing the ransomware.

Filling the gaps left behind by the shutdown of large scale ransomware operations such as TeslaCrypt, CryptoWall, and Spora, GandCrab exploded into the ransomware world on January 28th, 2018, when they started marketing their services on underground criminal sites.

Since then, they had become one of the dominant, if not the most dominant, actors in ransomware operations, with their operations only starting to slow down over the past few months.

According to security researchers Damian and David Montenegro who have been following the exploits of GandCrab on the underground hacking and malware forum Exploit.in, the GandCrab operators have posted that they are shutting down their operation.

In images provided to BleepingComputer by Damian, we can see the operators stating that they have generated more than $2 billion in ransom payments, with average weekly payments of $2.5 million dollars. They go on to say they have personally earned $150 million, which they have cashed out and invested in legal business entities.

[Image: gandcrab-message.jpg]

Quote:With this announcement GandCrab has said they have stopped promoting the ransomware, asked the affiliates to stop distributing the ransomware within 20 days, and asked their topic to be deleted at the end of the month.
#2
Holy fuck, if thats true, then those people are really set for life. Wondering how they cashed their money though.
#3
(June 04, 2019 at 01:42 AM)Illuminati Wrote: Holy fuck, if thats true, then those people are really set for life. Wondering how they cashed their money though.

The author doubts the claims of 2.5B.

Later down it states:

Quote:While the operators behind GandCrab most likely made many millions of dollars, the claims of $2 billion in ransom payments are very likely to be untrue.

These lofty claims are not surprising, as the developers of GrandCrab have always been jokesters and have engaged security researchers in ways most malware developers do not.

Let's hope the authors do the right thing and release all the decryption keys right after they shut down. That would at least give them +1 good guy karma on top of their existing -9000000 bad karma lol
#4
Good news for anyone that got popped by this

https://www.bleepingcomputer.com/news/se...are-story/

Quote:In collaboration with law enforcement agencies around the world, Bitdefender has released an updated decryptor for the GandCrab Ransomware that can decrypt files encrypted by versions 1, 4, and 5 through 5.2.

In announcements by both Bitdefender and Europol, a decryptor for the GandCrab Ransomware was released that decrypts the latest versions of the ransomware.
#5
Something very suspect about this story. May be they thought they were close to getting caught and try to make quick exit? I don't know ...
#6
(June 18, 2019 at 11:41 PM)ch3ckmate Wrote: Good news for anyone that got popped by this

https://www.bleepingcomputer.com/news/se...are-story/

Quote:In collaboration with law enforcement agencies around the world, Bitdefender has released an updated decryptor for the GandCrab Ransomware that can decrypt files encrypted by versions 1, 4, and 5 through 5.2.

In announcements by both Bitdefender and Europol, a decryptor for the GandCrab Ransomware was released that decrypts the latest versions of the ransomware.

Good guy bitdefender! I wonder how they will cash out there millions

Possibly Related Threads…
Thread Author Replies Views Last Post
New iPhone 2019 branded ‘UGLY’ before it’s even out after brand new design leaks Parabol23 7 578 July 21, 2019 at 12:02 AM
Last Post: ch3ckmate
Hackers are scanning for MySQL servers to deploy GandCrab ransomware umerkhan 4 440 May 30, 2019 at 01:16 AM
Last Post: duckiee
Four Ukrainians who ran XDedic arrested and site taken down ch3ckmate 1 319 February 26, 2019 at 01:59 PM
Last Post: Berlusc0ni

 Users browsing this thread: 1 Guest(s)