What is GandCrab ransomware
GandCrab ransomware is actively distributed right now and uses several different ways to infect computers. A user can get this ransomware downloaded after they open a PDF attachment in a spam email (which will open a Word document which will ask the user to enable editing). Or they may, for example, encounter the “HoeflerText’ font wasn’t found” scam page and download and run the offered file. GandCrab ransomware upends .GDCB extensions to the files it encrypts and dumps GDCB-DECRYPT.txt file with decryption instructions to every folder. At the time of writing GandCrab is still a new ransomware variant, and security specialists are not done researching it. So far no free GandCrab decryptor exists (and it is not guaranteed that it will be created – that might happen if researchers find some fault in the ransomware code that will allow them to obtain decryption keys, or, for example, if someone gets access to GandCrab’s Command & Control servers where the key are stored). However, there are some other ways to recover GandCrab encrypted files that may or may not work in each separate case.