
Notorious GandCrab Ransomware Returns With A New Name

by Cyber360 News
November 11, 2019
in Security

GandCrab was one of the most popular ransomware families in 2018 and 2019. The ransomware encrypted all the files on the target computer and demanded as much as $2,000 in Bitcoin or Dash for the decryption key. In June, the authors behind GandCrab announced that they were shutting down the operation because they had made enough money from it. According to the authors, they earned $2 billion from ransomware payments.

Now, security researchers at Secureworks Counter Threat Unit have spotted new ransomware that shares code with GandCrab and is seen as an evolved version of it.


REvil, which is also known as Sodinokibi, has been linked to GandCrab malware.

Speaking to ZDNet, a security researcher said, “It certainly shares some code overlap with GandCrab and there are even artefacts in there which suggest that it was intended to be an evolution of GandCrab and they decided that GandCrab was ripe for a rebrand and relaunch.”

Why are researchers linking REvil to GandCrab?

Researchers have given the following reasons for believing that GandCrab is resurfacing in the form of REvil:

  • The string decoding functions of REvil and GandCrab share similarities.
  • The two ransomware families also share URL-building functionality, which produces similar URL patterns for control servers and commands.
  • Terms like ‘gcfin’ and ‘gc6’ in the code of REvil suggest a relation between GandCrab and REvil. Researchers believe that ‘gcfin’ stands for ‘GandCrab Final’ and ‘gc6’ denotes GandCrab 6.
  • Both REvil and GandCrab whitelist certain keyboard layouts to avoid infecting Russian-based hosts.

Despite the similarities in the code, there are also some differences, which suggest that REvil could be the work of another bad actor who might be trying to imitate GandCrab.

While the operators of GandCrab displayed an amicable relationship with security researchers, often mentioning the researchers’ names in their command and control domains, the actors behind REvil take a strictly business approach.

REvil could be on its way to becoming one of the most high-profile ransomware families. We recommend that users keep their systems updated as updates arrive to safeguard themselves against cyber attacks.
