tr
Bitcoin
Bitcoin (BTC)
$66,836.00 0.36166
Bitcoin price
Ethereum
Ethereum (ETH)
$3,239.05 1.18225
Ethereum price
BNB
BNB (BNB)
$610.51 2.06628
BNB price
Solana
Solana (SOL)
$159.05 2.59582
Solana price
XRP
XRP (XRP)
$0.5513580 1.26606
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000272 1.49576
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000077 12.75293
Pepe price
Bonk
Bonk (BONK)
$0.0000225 11.33806
Bonk price
Bitcoin
Bitcoin (BTC)
$66,836.00 0.36166
Bitcoin price
Ethereum
Ethereum (ETH)
$3,239.05 1.18225
Ethereum price
BNB
BNB (BNB)
$610.51 2.06628
BNB price
Solana
Solana (SOL)
$159.05 2.59582
Solana price
XRP
XRP (XRP)
$0.5513580 1.26606
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000272 1.49576
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000077 12.75293
Pepe price
Bonk
Bonk (BONK)
$0.0000225 11.33806
Bonk price
Bitcoin
Bitcoin (BTC)
$66,836.00 0.36166
Bitcoin price
Ethereum
Ethereum (ETH)
$3,239.05 1.18225
Ethereum price
BNB
BNB (BNB)
$610.51 2.06628
BNB price
Solana
Solana (SOL)
$159.05 2.59582
Solana price
XRP
XRP (XRP)
$0.5513580 1.26606
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000272 1.49576
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000077 12.75293
Pepe price
Bonk
Bonk (BONK)
$0.0000225 11.33806
Bonk price
Bitcoin
Bitcoin (BTC)
$66,836.00 0.36166
Bitcoin price
Ethereum
Ethereum (ETH)
$3,239.05 1.18225
Ethereum price
BNB
BNB (BNB)
$610.51 2.06628
BNB price
Solana
Solana (SOL)
$159.05 2.59582
Solana price
XRP
XRP (XRP)
$0.5513580 1.26606
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000272 1.49576
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000077 12.75293
Pepe price
Bonk
Bonk (BONK)
$0.0000225 11.33806
Bonk price
SirWin
SirWin
SirWin

Users Beware: Dash Ransomware “GandCrab” of Russian Origin Infecting PDF Files

users-beware-dash-ransomware-gandcrab-russian-origin-infecting-pdf-files
By
This article is more than 4 years old
News
Users Beware: Dash Ransomware “GandCrab” of Russian Origin Infecting PDF Files

There’s a new ransomware on the loose, targeting unsuspecting victims’ computers by way of malicious downloadable PDF files. Before delving any deeper, BTCManager reminds all readers to exercise the utmost precaution while downloading PDF files from unknown senders.

What is GandCrab?

The looming threat came into the limelight after LMNTRIX, an Australian cybersecurity firm, published a report earlier in February 2018 claiming that a newly engineered ransomware dubbed “GandCrab” is being promoted on the dark web as a ransomware-as-a-service to cyber thugs. The content of the promotional campaign is in Russian, the security firm added.

If the term ransomware doesn’t ring a bell, it’s high time to investigate the security threat. While it is relatively new, it is also positioned as one of the worst forms of malware you are at risk of encountering.

Upon breaching the victim’s computer, a ransomware virus encrypts a user’s content, making it inaccessible. The only way the victim can hope to regain access to their content is by paying a hefty ransom to the perpetrators.

According to the LMNTRIX report, the GandCrab is developed in such a way that anybody can buy it online through a shady dark web marketplace. Once they purchase it, the buyer becomes a member of the extended GandCrab network. Any money made by victimizing unsuspecting users is then split between the developers and the members by a ratio of 60:40.

The members, however, have the option of increasing their shares up to 70 percent if they are able to breach a large number of computers successfully.

There are a few conditions to fulfill before the agents can get started, however. To use the ransomware to make money, members must register with the network and apply. Additionally, members are also prohibited from targeting users from the former Soviet Republic nations including the Commonwealth of Independent States (CIS).

How does GandCrab work?

The LMNTRIX report states that GandCrab makes use of RIG and GrandSoft exploit kits to spread and target computers. This technique is somewhat unique considering that said exploit kits are traditionally associated with malware such as trojans, and crypto miners.

There are no known reports of other ransomware in the past that depend on exploit kits to transmit and infect. Even more surprisingly, the exploit kit GandCrab uses was thought to have disappeared for some time.

Among other key findings, the LMNTRIX report also claims that the ransomware’s servers use a .bit domain. This information is significant given that the .bit domain is not included in the traditional ICANN authorized DNS and requires all payments to be handled using cryptocurrencies only.

Of the cryptocurrencies allegedly leveraged, Dash seems to be the preferred token of choice in this case as it offers a higher degree of anonymity compared to most other coins.

Each Dash token is equivalent to around $740, and the GandCrab ransomware demands 1.5 Dash from its victims, which translates to roughly $1,100 at press time. If the victim fails to pay the ransom within the stipulated period, the ransom price doubles.

dash Dash
$31.51
24h Volume $30,825,304
Market Cap $370,554,015
24h Low/High $31.07 / $32.00
24h 0.13%
7d 13.99%

Top Stories

Related News

Altcoin season approaching? Insights from experts amid Bitcoin’s halving aftermath
Markets
Read more - Altcoin season approaching? Insights from experts amid Bitcoin’s halving aftermath

Altcoin season approaching? Insights from experts amid Bitcoin’s halving aftermath

Polygon Labs earns crucial information security certificate
News
Read more - Polygon Labs earns crucial information security certificate

Polygon Labs earns crucial information security certificate

Telegram refutes CertiK’s auto-download security risk claim
News
Read more - Telegram refutes CertiK’s auto-download security risk claim

Telegram refutes CertiK’s auto-download security risk claim

Advertise