New ransomware GandCrab attacks Vietnamese enterprises

Thứ Hai, 09/04/2018, 15:12
PSNews - The Vietnam Computer Emergency Responses Teams (VNCERT) just released a new report on the detection of new ransomware called GandCrab. The malware is distributed through the RIG Exploit Kit.

Once infected, all data files on the user's computer will be encrypted, and the file extension will be changed to *.GDCB or *.CRAB. From this point, the infected files become unusable.

To decrypt the file, the ransomware generates a file named CRAB-DECRYPT.txt, and requests user to pay a ransom of 400 to 1000 USD in the e-currency of DASH.

The malware is distributed through the RIG Exploit Kit. Photo: VNN

VNCERT claimed that GandCrab is a very dangerous ransomware. VNCERT recommended enterprises and other users to block connection to the GandCrab host server and update anti-virus software such as IDS/IPS, Firewall.

Computer users should not open or click on links or email's attachments containing .doc, .pdf, .zip files sent from strangers, or from acquaintances but with an unusual title or language.

In case of detecting infected computers, organizations and enterprises should immediately isolate the infected computer and notify VNCERT for early treatment.

In the first two months of 2018, more than 1,500 cyber attacks were recorded in Vietnam, including 962 Deface attacks, 324 Malware attacks and 218 Phishing attacks. These included hundreds of attacks on websites of State agencies with the domain name ".gov.vn".

In 2017, the aggregate damage caused by computer viruses to Vietnamese users reached 12,300 billion VND (540 million USD), while this figure in 2016 was 10,400 billion.
By An Nhien