The wait is over. For victims of GandCrab versions 1, 4 or 5, there is a new decryption tool available from Bitdefender Labs to help you get your life and your data back – for free. Download link and updated information below.
GandCrab is on the move. According to a recent article on ZDnet, following the release of GandCrab v5, businesses are getting increasingly targeted by this ransomware via delivery by botnet and a malware worm. In September, CSO reported on a school system in Florida hit by it. And then there are the legions of individuals already impacted. It’s a plague that needs eradicating.
Earlier this year in February, Bitdefender released the world’s first decryption tool to help GandCrab ransomware victims get their data back for free. But since then, victims of subsequent versions of GandCrab and its ‘ransomware-as-a-service’ affiliate approach have been reaching out to us for help.
In the spirit of our Draco, we at Bitdefender Labs have spared no effort to find a solution to save the infected, in spite of the challenges we’ve faced.
Now the wait is over. Bitdefender to the rescue! We’re proud to announce and release the Bitdefender ransomware decryption tool for GandCrab versions 1, 4 and 5.
Yes it’s real. It’s free. And it is not a ‘vaccination’ tool.
Developed in close partnership with Europol and the Romanian Police, and with support from the FBI and other law enforcement agencies, the new tool allows GandCrab victims around the world to retrieve their encrypted information without collectively paying tens of millions of dollars in ransom to hackers.
So, if you were infected by version 1 *(GDCB extension), 4 (KRAB extension) or the new 5 (random 10-character extension) of GandCrab, the fix is simple: Download the tool. Run it on your infected computer. Get access to your data back immediately.
However, if you are infected by versions 2 or 3 of the ransomware (CRAB file extension), then we kindly ask you to hang on and not pay the ransom! We’re still on it. Follow us if you haven’t already to keep posted.