Gandcrab ransomware is still active – a new version, using .KRAB file extension, is found
Gandcrab 4 ransomware is the latest version of an infamous Gandcrab ransomware. Previously, the virus has been spreading around in a form of these versions:
While security experts were convinced that Gandcrab ransomware is done with infecting users worldwide, they discovered the fourth its version in July 2018. The malicious program uses an AES encryption algorithm to lock up files and adds the .KRAB extension to each of it. Once files are affected, a copy of a ransom note appears in each of folders. The text message is named CRAB-DECRYPT.txt or KRAB-DECRYPT.txt and provides certain information which lets the victim notice about the computer infection and files’ encryption. Due to that, they are required to pay a certain ransom (the price can differ each time) in bitcoin to get a decryption key for their files.
Avoiding ransomware gets more complicated each day
As we have mentioned, the ransomware virus is using different techniques to get into the system. So, there is no surprise that its prevention requires considering increasing your computer safety. In order to do that, you have to follow these practices:
- Carefully browse the Web, do not visit any suspicious-looking sites and links;
- Avoid opening spams as they might provide fast access to harmful content;
- Do not download bundled software as it can be unproperly provided and might contain malicious programs;
- Install an antivirus in order to increase your computer system protection. It will regularly scan the system for cyber threats.
If you carefully follow these steps, you will be able to stay safe from the GrandCran v4 ransomware.
The faster you delete the virus the more damage can be avoided
Deleting Gandcrab from the system is a must as keeping such viruses can cause the loss of all your files. The longer it stays in the system, the bigger the damage can be. If you deal with this cyber threat more quickly, you might be able to restore your files to their previous versions with less effort. At the moment, it seems that Gandcrab 4 is not deleting Shadow Volume copies of files, so ShadowExplorer can become really helpful while trying to decrypt encrypted files.