This crypto-extortioner encrypts user data using AES, and then requires a buyback of 1-3 Dash (crypto currency) to buy from the extortionists GandCrab Decryptor and return the files.
The .GDCB extension is added to the encrypted files .
The activity of this crypto-extortioner occurred in the second half of January 2018. It is oriented to English-speaking users, which does not prevent it from spreading around the world. The greatest number of victims is in South Korea. The note with the demand for redemption is called: GDCB-DECRYPT.txt
All your files, documents, photos, databases and other important files are encrypted and have the extension:. GDCB
The only way to recover files is to buy a private key. It’s on our server, and only we can recover your files.
The server with your key is in a closed TOR network
All Users are requested to:
- Install and keep NPAV updated up-to-date.
- Make sure NPAV Data Backup is ON.
- Always use trusted and secure sites for downloading setups.