I am reading a few threat landscape and semi-annual security recap reports and came across a section in one that mentioned that GandCrab was starting to become active again.
I've personally had to deal with GandCrab during an IR event in the past, so this naturally piqued my interest. In the rabbit hole that ensued, I found this awesome analysis that I wish I had 4 years ago. Happy hacking!
https://www.taintedbits.com/2018/10/18/gandcrab-detail-analysis-of-js-delivery-payload/
#security #reports #threatlandscape #gandcrab #ransomware
At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates https://krebsonsecurity.com/2022/01/at-request-of-u-s-russia-rounds-up-14-revil-ransomware-affiliates/ #RomanGennadyevichMuromsky #AndreySergeevichBessonov #Ne'er-Do-WellNews #DmitriAlperovitch #ColonialPipeline #TheComingStorm #PresidentBiden #ImmersiveLabs #VladimirPutin #Ransomware #KevinBreen #DarkSide #GandCrab #NotPetya #rEvil #FSB
At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates - The Russian government said today it arrested 14 people accused of working for “RE... https://krebsonsecurity.com/2022/01/at-request-of-u-s-russia-rounds-up-14-revil-ransomware-affiliates/ #romangennadyevichmuromsky #andreysergeevichbessonov #dmitrialperovitch #neer-do-wellnews #colonialpipeline #thecomingstorm #presidentbiden #immersivelabs #vladimirputin #ransomware #kevinbreen #darkside #gandcrab #notpetya #fsb
📬 REvil: LKA Baden-Württemberg unmasks alleged ransomware mastermind #DarkCommerce #Malware #ErmittlungsgruppeKrabbe #GandCrab #LKABadenWürttemberg #NikolayK #REvil https://tarnkappe.info/revil-lka-baden-wuerttemberg-enttarnt-mutmasslichen-ransomware-drahtzieher/
Ransomware Gangs and the Name Game Distraction https://krebsonsecurity.com/2021/08/ransomware-gangs-and-the-name-game-distraction/ #EvgeniyMikhailovichBogachev #BlackMatterransomware #DarkSideransomware #Babukransomware #Griefransomware #REvilransomware #TheBusinessClub #Cryptolocker #DoppelPaymer #GameoverZeuS #IndrikSpider #WastedLocker #CrowdStrike #FabianWosar #Ransomware #BitPaymer #EvilCorp. #MarkArena #Emsisoft #GandCrab #Cerber #Dridex #TA505 #zeus
Threat Roundup for September 11 to September 18 - Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 11... http://feedproxy.google.com/~r/feedburner/Talos/~3/rMr2xENOthU/threat-roundup-0911-0918.html #vulnerabilities #threatroundup #ciscotalos #darkcomet #gandcrab #malware #dridex #emotet #remcos #arkei #talos #xpiro #shiz
Threat Roundup for September 4 to September 11 - Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 4 ... http://feedproxy.google.com/~r/feedburner/Talos/~3/pfRb9tHcikM/threat-roundup-0904-0911.html #vulnerabilities #threatroundup #ciscotalos #gandcrab #malware #dridex #emotet #kovter #upatre #talos #razy
Monday review – catch up with the latest articles - The latest articles and the latest Naked Security Live video - all in one place. Enjoy. https://nakedsecurity.sophos.com/2020/08/10/monday-review-catch-up-with-the-latest-articles/ #machinelearning #vulnerability #weeklysummary #mondayreview #ransomware #law&order #gandcrab #spam #zoom #bec
GandCrab ransomware hacker arrested in Belarus - Suspect is alleged to have extorted more than 1000 people, mostly in India, US, Ukraine, UK, Germa... https://nakedsecurity.sophos.com/2020/08/04/gandcrab-ransomware-hacker-arrested-in-belarus/ #ransomware #sodinokibi #law&order #gandcrab #revil #bust #raas
REvil Ransomware Gang Adds Auction Feature for Stolen Data - An anonymous bidding mechanism enhances the REvil group's double-extortion game. more: https://threatpost.com/revil-ransomware-gang-auction-stolen-data/157006/ #grubmanshiremeiselas&sacks #cybercriminalforum #anonymousbidder #exfiltrateddata #undergroundsite #auctionsite #ransomware #datatheft #gandcrab #travelex #malware #privacy #darkweb #breach #monero #hacks #revil #xmr
Threat Roundup for May 22 to May 29 - Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 22 a... more: http://feedproxy.google.com/~r/feedburner/Talos/~3/kULO3WrFM9I/threat-roundup-0522-0529.html #vulnerabilities #threatroundup #ciscotalos #zeroaccess #darkcomet #gandcrab #dealply #malware #emotet #swisyn #tofsee #mikey #njrat #talos
This Service Helps Malware Authors Fix Flaws in their Code https://krebsonsecurity.com/2020/05/this-service-helps-malware-authors-fix-flaws-in-their-code/ #malwaretestingservice #Ne'er-Do-WellNews #ALittleSunshine #Vivalamuerte #WebFraud2.0 #Sodinokibi #GandCrab #Intel471 #RedBear #Cerber #Krober #Lebron #rEvil #Sodin #UNKN #upO
This Service Helps Malware Authors Fix Flaws in their Code - Almost daily now there is news about flaws in commercial software that lead to computers getting hac... more: https://krebsonsecurity.com/2020/05/this-service-helps-malware-authors-fix-flaws-in-their-code/ #malwaretestingservice #neer-do-wellnews #alittlesunshine #vivalamuerte #webfraud2.0 #sodinokibi #gandcrab #intel471 #redbear #cerber #krober #lebron #revil #sodin #unkn #upo
Stolen data of company that refused REvil ransom payment now on sale - A comment from one buyer of data purportedly from Brooks International: "It even has credit card n... more: https://nakedsecurity.sophos.com/2020/03/23/stolen-data-of-company-that-refused-revil-ransom-payment-now-on-sale/ #brooksinternational #securitythreats #hackingforums #ransomware #sodinokibi #stolendata #gandcrab #malware #revil #sodin #raas
Threat Roundup for March 6 to March 13 - Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 6 ... more: http://feedproxy.google.com/~r/feedburner/Talos/~3/ZK2CAHDldHY/threat-roundup-0306-0313.html #vulnerabilities #threatroundup #ciscotalos #gandcrab #malware #cerber #nymaim #talos #ursu
Threat Roundup for February 14 to February 21 - Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 14 ... more: http://feedproxy.google.com/~r/feedburner/Talos/~3/4J1oPdwQFdU/threat-roundup-0214-0221.html #vulnerabilities #threatroundup #ciscotalos #generickdz #gandcrab #malware #autoit #nymaim #qakbot #remcos #tofsee #mikey #talos #razy
Threat Roundup for December 13 to December 20 - Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 13 ... more: http://feedproxy.google.com/~r/feedburner/Talos/~3/gN121cJK8cQ/threat-roundup-1213-1220.html #vulnerabilities #threatroundup #gandcrab #trickbot #hawkeye #malware #netwire #dridex #emotet #sagent #tofsee #talos #razy
All in the (Ransomware) Family: 10 Ways to Take Action - Check out our list of top 10 things to do to protect your organization from the deepening scourge ... more: https://threatpost.com/ransomware-family-10-ways-take-action/151080/ #infosecinsider #protections #asaservice #derekmanky #ransomware #sodinokibi #toptrends #fortinet #gandcrab #malware #nemty #revil #top10 #raas
(GandCrab) Beware of the new ransomware that encrypts all of the victim's files and changes their extension - https://ift.tt/35xS5B0 #gandcrab #ransomware
Interesting post about #GandCrab v4.1 by Kevin.
Also spreads to #WinXP and 2k3 systems. Can spread and operate on airgapped networks.
https://doublepulsar.com/gandcrab-v4-1-in-the-wild-first-windows-xp-and-server-2003-impacting-ransomware-smb-worm-7a7250253b6
#infosec