Free Decryption Tool Released for GandCrab Ransomware Version 1,4 and 5

No featured articles available

Check back soon for the latest updates and featured content.

Researchers have released a free decryption tool of GandCrab ransomware which allows victims to decrypt their files for free

Researchers have released a free decryption tool of GandCrab ransomware which allows victims to decrypt their files for free.The free decryption tool was developed by Security researchers from Bitdefender along with several law enforcement organizations including FBI, Romanian police and other countries such as Bulgaria, France, Hungary, Italy, Poland, the Netherlands, United Kingdom.This version decryption tool can be used to recover files from GandCrab ransomware versions 1, 4 and 5.Victims can recognize the version of ransomware by extension it appends to encrypted files and or ransom note.Below is the table which shows GandCrab ransomware versions and extension it appends:

Version

Extension

Ransom Note

Version 1

file extension is .GDCB.

The ransom note starts with —= GANDCRAB =—, ……………. the extension: .GDCB

Version 2

file extension is .GDCB.

The ransom note starts with —= GANDCRAB =—, ……………. the extension: .GDCB

Version 3

file extension is .CRAB.

The ransom note starts with —= GANDCRAB V3 =— ……….. the extension: .CRAB

Version 4

file extension is .KRAB.

The ransom note starts with —= GANDCRAB V4 =— ……….. the extension: .KRAB

Version 5

file extension is .([A-Z]+).

The ransom note starts with —= GANDCRAB V5.0 =— ………. the extension: .UKCZA

Version 5.0.1

file extension is .([A-Z]+).

The ransom note starts with —= GANDCRAB V5.0.2 =— …. the extension: .YIAQDG

Version 5.0.2

file extension is .([A-Z]+)

The ransom note starts with—= GANDCRAB V5.0.2 =— …. the extension: .CQXGPMKNR

Version 5.0.3:

file extension is .([A-Z]+).

The ransom note starts with—= GANDCRAB V5.0.2 =— …. the extension: .HHFEHIOL

At least one ransom should be present on your system to recover the file and for decryption tool to work.

“The ransom-note is required to recover the decryption key. Please make sure that you do not run a clean-up utility which detects and removes these ransom-notes prior to execution of this tool. The information inside the ransom-notes is essential in the decryption process as it allows us to compute the unique decryption key for your files.” said in the blog post published by Bitdefender.

Researchers also said they are working on GandCrab ransomware versions 2 or 3 (CRAB file extension) and ask victims to wait and not pay the ransom

Victims can visit the blog post published by Bitdefender or visit

www.nomoreransom.org

to download the free decryption tool.

latest cyber threats

latest hacking news

Facebook

Twitter.

Google Ads Exploited in Cyberattack: Hackers Steal Login Details and 2FA Codes

Murdoc Botnet Exploits AVTECH Cameras and Huawei Routers

Authquake Attack Bypasses Microsoft MFA, Exposing Critical Security Vulnerabilities

Strategies for Mitigating Cyber Threats in 2025

Cybersecurity Threats in Social Media Networks: Protecting User Data

AI in Data Privacy Compliance

Secure Boot Bypass Flaw Found in Palo Alto Firewalls

Volkswagen Faces Major Breach: Data of 800K EV Customers Leaked

Successful CISO – Is a Business Enabler the Need of the Hour?

Behind the Job Title: Information Security Consultant

Cybersecurity Threats in Social Media Networks: Protecting User Data

AI in Data Privacy Compliance

No featured articles available

Free Decryption Tool Released for GandCrab Ransomware Version 1,4 and 5

Researchers have released a free decryption tool of GandCrab ransomware which allows victims to decrypt their files for free

Share Your Story!

No featured articles available

Researchers have released a free decryption tool of GandCrab ransomware which allows victims to decrypt their files for free

Stay Updated with the Latest Cybersecurity News