GandCrab is malicious software in the ransomware family, created to encrypt the victim’s files. It allows the attacker to hijack the system, and only decrypt the files once a ransom is paid. In 2018 it spread at a rather worrying rate, and it continued into early 2019.
This ransomware is also famous for being among the first to be part of the Ransomware-as-a-Service (RaaS) business model. As such, it essentially meant that the GandCrab creators could infect systems and also help other cybercriminals infect systems using their software.
Preventing GandCrab
Fortunately, GandCrab is no longer an active threat, but the steps taken to prevent it can also apply to other ransomware still active today. Below are a few steps to take:
- Ensure your software is up-to-date: Ransomware is designed to exploit weaknesses in outdated software. To prevent this, it is advisable to update your device’s operating system and apps regularly. This way, you ensure your system always has the latest security patches to help it handle new threats.
- Keep a backup of important data: Backups are a great way to protect your system and files against GandCrab and other ransomware attacks. For maximum security, store these backups on another computer or in offline storage locations.
- Install anti-malware software: If you want automated protection from ransomware attacks, you need anti-malware tools capable of detecting and erasing a wide range of malware, including ransomware. It is also important that you update it frequently.
- Educate users: Ensure you and other persons who use your systems are fully aware of the risks of ransomware, how it spreads, and the methods to avoid it.
- Take care not to open emails from unknown senders: Since a good amount of ransomware attacks start with a phishing email or an unwitting download of malicious files. Refrain from opening emails or attachments from unverified sources and be cautious of any spam emails requesting sensitive information.
