Constant visits to porn-related sites infect people with GandCrab v4 ransomware

GandCrab v4 ransomware spreads via insecure websites

This version of the ransomware family is known all over the world because it is dangerous and spreads fast. Right now, based on user complaints, GandCrab v4 ransomware is active and attacking people's devices. This version encrypts chosen files using AES-256 and RSA-2048 encryption methods and appends the .KRAB file extension to the modified files. You may not notice any activity until the virus creates a ransom note. It is a text file that contains more details about the attack and instructions for the payment. CRAB-DECRYPT.txt or KRAB-DECRYPT.txt files might appear in every folder of your computer and on the desktop. This is a dangerous cryptovirus, and like various other ransomware infections, it might come to your system via frequently visited pornographic websites.
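
An added example (not part of the original article): a Python script that scans a folder tree for the indicators named above, the .KRAB extension and the CRAB-DECRYPT.txt / KRAB-DECRYPT.txt notes, and lists the original file names to restore from backup. The function names and the sample folder layout are assumptions made for illustration.

```python
import os
import tempfile

# Indicators named in the article; matching is case-insensitive.
RANSOM_NOTES = {"crab-decrypt.txt", "krab-decrypt.txt"}
ENCRYPTED_EXT = ".krab"


def scan_tree(root):
    """Return (note_paths, restore_list) for everything under root.

    restore_list maps each encrypted file to the name it had before the
    extension was appended, i.e. the path to pull back from backup.
    """
    note_paths, restore_list = [], {}
    # onerror skips unreadable directories so one access error does not stop the scan.
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            full = os.path.join(dirpath, name)
            lower = name.lower()
            if lower in RANSOM_NOTES:
                note_paths.append(full)
            elif lower.endswith(ENCRYPTED_EXT) and len(name) > len(ENCRYPTED_EXT):
                restore_list[full] = full[: -len(ENCRYPTED_EXT)]
    return sorted(note_paths), restore_list


def affected_dirs(note_paths, restore_list):
    """Directories containing a ransom note or at least one encrypted file."""
    return sorted({os.path.dirname(p) for p in list(note_paths) + list(restore_list)})


def build_sample_tree(root):
    """Constructed sample data: empty files that only mimic the naming pattern."""
    layout = {
        "Documents": ["report.docx.KRAB", "KRAB-DECRYPT.txt", "notes.txt"],
        "Pictures": ["photo.jpg.krab", "CRAB-DECRYPT.txt"],
        "Clean": ["readme.txt", "crab-recipes.txt"],
    }
    for folder, names in layout.items():
        os.makedirs(os.path.join(root, folder))
        for name in names:
            open(os.path.join(root, folder, name), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        notes, restore = scan_tree(tmp)
        print("ransom notes:", notes)
        for enc, orig in sorted(restore.items()):
            print("restore from backup:", orig, "(encrypted copy:", enc + ")")
        print("affected folders:", affected_dirs(notes, restore))
```

Run it against a mounted copy of the affected disk rather than the live system, and check the restore list against what the backup actually holds.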

This newest variant was created by a Romanian hacker team and was first spotted in July 2018. This virus is still active, based on user complaints. Although a few previous versions were stopped quickly with newly created decryption tools, this one is still going strong. Ransomware developers work on each new version for a long time, so it is not so easily decryptable. The code can be changed in each version, so an already existing decryption tool does not work. There is still a possibility that a decryption tool for GandCrab v4 will come in the future. However, right now there is no official tool that can decrypt modified files. The best solution is to replace corrupted files with clean ones from a backup.

Crypto-extortionists come from infected sites and email attachments

Usually, ransomware is spread to the system automatically from maliciously infected sites, emails or direct links. This means that visiting pornographic websites, opening insecure spam emails or downloading their attachments may lead to serious issues with your device. You might not even notice the ransomware infiltration or its activity because all of this happens in the background. When you visit a porn site, you are most likely to be redirected to a variety of insecure sites or advertisements, and every click on those might infect your system with ransomware-spreading malware or a direct malicious script.

Spam email attachments are another common method for spreading ransomware. Emails are widely used to spread various cyber infections. Phishing email campaigns are used directly to scam people, but email attachments can also contain files infected with malicious script. Emails may look legitimate and safe because the people behind malware often use the names of services and companies to disguise their products. However, you can often tell which email is fake and possibly insecure. Look for typos or grammar mistakes. There might be a mismatch between the content of the email and the file attachment. Be cautious: it is better to delete a suspicious email without opening it or downloading its files.

Knowledge is the key to ransomware avoidance

The first thing you should note is that any insecure website, advertisement, email, program or software can contain malicious script or spread various cyber infections. The key here is to know what you may get. If you know that you can get PUPs (potentially unwanted programs) from insecure downloads, you choose Advanced options during installation, and this is how you avoid getting an infection. If you know that an email with a suspicious file attachment may contain malware or malicious script, you avoid downloading those files without knowing that they are legitimate.

Proper software is also very important. You need to have antivirus and anti-malware tools on your computer. Running a full system scan occasionally may also make a difference in the security of your device. These tools can detect and remove various malware and also block possible threats. It is important to keep this software up to date if you want proper malware protection on your device. Remember to download software, updates, and applications from reputable sources so you can avoid other cyber infections.

Ugnius Kiguolis