Warning: Ransomware GandCrab targets Vietnamese users
09:30:47 | 07-06-2019

On December 11, Bkav cooporation warned the a new variant of the GandCrab malware that is attacking large numbers of Vietnamese Internet users. According to statistics from Bkav's virus monitoring system, there are 3,900 computers infected by this malware. 


Bkav experts states the GandCrab which is spreading in Vietnam is the 5th generation of this malware family. The first generation was discovered in January 2018. Since then, this dangerous malicious code has been continuously improved and upgraded by hackers with increasing levels of sophistication and complexity.

GandCrab spreads by sending the victim a fake email, with the content urging the victim to open the attached file. In fact, this attachment contains a virus, if the victim opens the file, the computer will be infected with the malware. After infection, the malware will encrypt the user's data, and the data cannot be opened.

On the victim computer, there will be a notification which requires to pay for data decryption. In order to pay, users must install Tor browser, pay by electronic currency Dash or Bitcoin with the value from USD 200 to USD 1,200 depending on the number of files encrypted. According to Bkav's record, there are currently no victims paying to hackers.

Bkav recommends: "Users need to install antivirus software permanently for their computer. Never open attachments from unidentified emails. In case of necessity to open, users can open files in Safe Run".Bkav has updated the latest sample of GandCrab, users can download Bkav from the website www.bkav.com to protect the computer. Particularly, customers who use licensed Bkav Pro will be automatically updated and protected.