Warning: GandCrab extortionist code is attacking Vietnam
A campaign to distribute blackmail GandCrab attacks many countries around the world, including Vietnam, discovered by the Vietnam Computer Emergency Response Center (VNCERT, Ministry of Information and Communications).
GandCrab is distributed through the RIG vulnerability exploit toolkit. When infected, the files in the computer are encrypted into a * .GDCB or * .CRAB file. The malicious code will then generate a required CRAB-DECRYPT.txt file and instruct the user to pay the ransom from $ 400-1,000 by DASH electronic payment to decrypt the data.
VNCERT Center has sent dispatches to state agencies and organizations to guide and monitor and prevent malicious connection of GandCrab server and update protection systems such as IDS / IPS, Firewall . information about this type of extortion code.
You can see the full dispatch in the link below.
- http://www.vncert.gov.vn/files/CV85_GrandCrab.pdf
The malicious control servers are politiaromana.bit, malwarehunterteam.bit and gdcb.bit (the list is updated to 5/4).
As recommended by VNCERT, to avoid malicious code, users need to be alert not to click on links (links) as well as email attachments that contain .doc, .pdf, .zip . files sent. from strangers, even emails sent from acquaintances but there are strange ways to set titles or languages.
See more:
- Warning of new malware appear like Wannacry, capable of deleting Vietnamese percussion on computer
- Discover a new kind of malicious code that can record the phone call to extort money
- What to do when the computer is infected with a virus that fights virtual money?
You should read it
- Warning: Detecting a campaign to spread malicious code GandCrab 5.2 into Vietnam via fake email of the Ministry of Public Security
- Warning: New extortion code GandCrab is attacking Vietnamese Internet users
- Warning: Dangerous new malicious code spills over to Vietnam
- Warning: A new code of virtual money training is spreading strongly in Vietnam
- After WannaCry, Petya's 'extortion' malicious code is raging, this is a remedy to prevent
- Warning: The new Facebook virus, a malicious code that is spreading rapidly through Messenger
- How to handle the emergency WannaCry malicious code from the National Information Security Department
- Appearing dangerous Android malicious code specializing in stealing chat content on Facebook Messenger, Skype ...
- Discover a new kind of malicious code that can record the phone call to extort money
- 1.6 million computers in Vietnam were erased by the virus, losing nearly 15,000 billion in 2018
- Warning: New variants of malicious code digging on Facebook threaten users in Vietnam
- Warning: new code of virtual money digging is available via Facebook Messenger
Maybe you are interested
More than 200 apps containing malicious code were discovered and downloaded millions of times on the Google Play Store.
Detection of malicious code infecting the web browsers of 300,000 PCs, silently stealing user data
The App Store was tricked into approving malicious apps
Google Chrome will warn users about password-protected malicious archive files
All VSCode users need to be wary of malicious extensions!
What are malicious apps? How dangerous are they?