Since my July 10 post about GandCrab, the virus has evolved, using more techniques to hide itself from traditional antivirus software.
The latest version 4.1 attacks the PEB (Process Environment Block), an area in memory which contains information about each running process, in a way that antivirus software doesn't detect.
GandCrab 4.1 can attack your computers when you visit an infected webpage on a WordPress site even if you don't click on anything. Infections can also result from openin a Phishing email or trying to use a "cracked" version of commercial software.
For more information on GandCrab, see: https://blog.morphisec.com/gandcrab-ransomware-version-4.0/4.1
The GandCrab virus has been targeted by antivirus companies AhnLab and Bitdefender.
Bitdefender published free software to decrypt files attacked by GandCrab earlier this year. Bitdefender is a member of the No More Ransom project that creates decrypters for many types of ransomware:
No More Ransom downloads
You might be able to recover from a GandCrab ransomware attack using the free decrypter, but unfortunately GandCrab and other virus keep evolving.
You are much safer with next-generation antivirus protection that has layers of defenses beyond traditions virus signature detection and heuristic threat analysis.
Our mission is to keep you safe!
GandCrab Virus Evolves
← Older Post Newer Post →