Belarus Announces Arrest of GandCrab Ransomware Distributor

6 years ago David Bisson

Government officials in Belarus announced they had arrested an individual on charges of having helped to distribute GandCrab ransomware.

On July 30, the Ministry of Internal Affairs (MIA) of the Republic of Belarus revealed that it had arrested a 31-year-old resident of Gomel in cooperation with the United Kingdom and Romania.

An investigation into the Gomel resident revealed that they had infected more than one thousand computers with GandCrab ransomware.

Malicious actors used GandCrab in various attack campaigns over the years. Back in August 2018, for instance, a group of digital attackers staged a spam email campaign to target South Korean users with version 4.3 of the ransomware. That was just a couple of months before the Fallout exploit kit made news for distributing GandCrab along with Kraken ransomware.

Security researchers were busy working on a decryption tool throughout these campaigns. In October 2018, Bitdefender released a free GandCrab decryptor after the threat’s authors published keys specifically for citizens of Syria. Bitdefender went on to release two updated versions of its decryption software in February 2019 and June 2019.

As reported by Trend Micro, the authors of GandCrab are believed to have redirected their attention to crafting the more advanced ransomware variant Sodinokibi.

According to the MIA statement, the Gomel resident maintained their control of GandCrab using an admin panel that was available on the dark web. This tactic enabled the individual to remain hidden while they transferred ransom payments worth approximately $1,200 to the ransomware’s authors along with those who owned the admin panel’s server.

The individual had helped to infect victims located in India, the United States, Ukraine, Great Britain, Germany, France, Italy and Russia with the ransomware.

MIA urged users to protect themselves against a ransomware infection by avoiding suspicious links, backing up their data and keeping their software up to date. They can also use these steps to prevent a successful ransomware attack.

The post “Belarus Announces Arrest of GandCrab Ransomware Distributor” appeared first on TripWire.

Source: TripWire – David Bisson
