What is GandCrab Ransomware?
GandCrab is a type of ransomware first discovered in early 2018. This ransomware has multiple versions that have come out each time security professionals have released encryption keys. Broadly, GandCrab infects a computer, encrypts files, and includes files with a message providing instructions to the user to pay a ransom to have file access restored. In some versions of this ransomware, the message is also displayed as a desktop background. Affected files could have a number of extensions, including .crab or .krab.
How to Recognize This Threat: GandCrab was initially spread as an email scam, when users opened suspicious email attachments. It has since expanded to spread via websites that offer apparently helpful software downloads. Instead of the software, the user downloads the ransomware. It may also be included with certain exploit kits.
How to Prevent This Threat: Users should avoid opening any suspicious email attachments and avoid downloading any software from unverified sources. To protect your network from this threat, ensure you have a robust firewall with security services. See firewall options that fit your network from a variety of top brands.