Belarus Announces Arrest of GandCrab Ransomware Distributor

6 years ago David Bisson

Government officials in Belarus announced they had arrested an individual on charges of having helped to distribute GandCrab ransomware.

On July 30, the Ministry of Internal Affairs (MIA) of the Republic of Belarus revealed that it had arrested a 31-year-old resident of Gomel in cooperation with the United Kingdom and Romania.

An investigation into the Gomel resident revealed that they had infected more than one thousand computers with GandCrab ransomware.

Malicious actors used GandCrab in various attack campaigns over the years. Back in August 2018, for instance, a group of digital attackers staged a spam email campaign to target South Korean users with version 4.3 of the ransomware. That was just a couple of months before the Fallout exploit kit made news for distributing GandCrab along with Kraken ransomware.

Security researchers were busy working on a decryption tool throughout these campaigns. In October 2018, Bitdefender released a free GandCrab decryptor after the threat’s authors published keys specifically for citizens of Syria. Bitdefender went on to release two updated versions of its decryption software in February 2019 and June 2019.

As reported by Trend Micro, the authors of GandCrab are believed to have redirected their attention to crafting the more advanced ransomware variant Sodinokibi.

According to the MIA statement, the Gomel resident maintained their control of GandCrab using an admin panel that was available on the dark web. This tactic enabled the individual to remain hidden while they transferred ransom payments worth approximately $1,200 to the ransomware’s authors along with those who owned the admin panel’s server.

The individual had helped to infect victims located in India, the United States, Ukraine, Great Britain, Germany, France, Italy and Russia with the ransomware.

MIA urged users to protect themselves against a ransomware infection by avoiding suspicious links, backing up their data and keeping their software up to date. They can also use these steps to prevent a successful ransomware attack.

The post “Belarus Announces Arrest of GandCrab Ransomware Distributor” appeared first on TripWire.

Source: TripWire – David Bisson
