Warning: GandCrab extortionist code is attacking Vietnam

A campaign to distribute blackmail GandCrab attacks many countries around the world, including Vietnam, discovered by the Vietnam Computer Emergency Response Center (VNCERT, Ministry of Information and Communications).

GandCrab is distributed through the RIG vulnerability exploit toolkit. When infected, the files in the computer are encrypted into a * .GDCB or * .CRAB file. The malicious code will then generate a required CRAB-DECRYPT.txt file and instruct the user to pay the ransom from $ 400-1,000 by DASH electronic payment to decrypt the data.

VNCERT Center has sent dispatches to state agencies and organizations to guide and monitor and prevent malicious connection of GandCrab server and update protection systems such as IDS / IPS, Firewall . information about this type of extortion code.

You can see the full dispatch in the link below.

1. http://www.vncert.gov.vn/files/CV85_GrandCrab.pdf

The malicious control servers are politiaromana.bit, malwarehunterteam.bit and gdcb.bit (the list is updated to 5/4).

As recommended by VNCERT, to avoid malicious code, users need to be alert not to click on links (links) as well as email attachments that contain .doc, .pdf, .zip . files sent. from strangers, even emails sent from acquaintances but there are strange ways to set titles or languages.

See more:

1. Warning of new malware appear like Wannacry, capable of deleting Vietnamese percussion on computer
2. Discover a new kind of malicious code that can record the phone call to extort money
3. What to do when the computer is infected with a virus that fights virtual money?