An affiliate operator of the GandCrab ransomware, known for its Ransomware-as-a-Service (RaaS) model, has been arrested in Belarus. Working with law enforcement in Romania and the UK, authorities in Belarus were able to identify and arrest a 31-year-old man whose name has not been released. The suspect was responsible for infecting over a thousand computers in almost one hundred countries and holding each one for ransom. The extortion demand was approximately $1,200 USD per victim. The total amount of profit made by this one distributor is not known. The operator used a hacking forum to find ways to acquire the GandCrab ransomware and from there made his tweaks to it before sending it out to victims via email. GandCrab ransomware affiliates such as the arrested party who distributed the GandCrab ransomware would receive 60% of the profit on their first three infections and then 70% from the rest. GandCrab shut down their operations on June 1st, 2019 and the author of the ransomware has not been identified by law enforcement.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.