GandCrab ransomware group announces 'well-deserved retirement'

So long and thanks for all the cash

The hackers responsible for the GandCrab ransomware-as-a-service network have announced their "well-deserved retirement" after earning millions since around January 2018.

The people behind the group said that they had now invested all their earnings into multiple legal businesses, and that the time had come to retire.

The group behind GandCrab claimed that around $2 billion had been extorted from victims

"We have proven that by doing evil deeds, retribution does not come," the hackers wrote in a forum post, according to ZDNet. "We proved that in a year you can earn money for a lifetime. We have proved that it is possible to become number one not in our own words, but in [the] recognition of other people," the group added.

Computing and CRN have united to present the Women in Tech Festival UK 2019, on 17 September in London.

The event will celebrate successful women in the IT industry, enabling attendes to hear about, and to share, personal experiences of professional journeys and challenges.

Whether you're the ‘Next Generation', an ‘Inspirational Leader', or an ‘Innovator of Tech' this event will offer inspiration on not only how to improve yourself, but how to help others too. The event is FREE for qualifying IT pros, but places will go fast

GandCrab ransomware came into light in January 2018 when hackers started promoting it on the dark web. It sold to a large number of clients on the dark web and filled the void left by CrytpoWall, TeslaCrypt and other ransomware campaigns.

GandCrab offered cybercriminals an online ransomware-as-a-service (RaaS) platform where they could sign up and get access to custom builds of GandCrab ransomware. Criminals purchasing the ransomware would then distribute it through emails, exploit kits and so on in order to grab money from victims.

The GandCrab RaaS operator has now announced plans to shut the service down within the next month.

We proved that in a year you can earn money for a lifetime

The announcement came in a well-known hacking forum. In that forum, the group behind GandCrab claimed that about $2 billion had been extorted from victims, who paid ransom in return for a decryption key. The hackers claim that, in the process, they had "earned more than $150 million per year" with the help of their ransomware.

"We successfully cashed this money and legalised it in various spheres of white business both in real life and on the Internet," the GandCrab group stated.

The shutdown process reportedly began last week when the hackers started sending private emails to their affiliates, asking them to stop ad campaigns for GandCrab. Ransomware renters were also instructed to cash-out from their victims within a period of one month.

The hackers claim that... they had earned more than $150 million per year

The GandCrab operators also told victims to pay their ransom now as they will delete all decryption keys within the next month.

When active, the GandCrab crew was unlike other hacking groups in many ways. They had cracked jokes and taunted security researchers in their code. Many times, they dropped hellos to security experts probing their ransomware.

Sometimes, they were vindictive too. For example, when AhnLab released a mitigation tool for GandCrab, the group released a zero-day for the AhnLab v3 Lite anti-virus software package in retaliation.

Delta is a new market intelligence service from Computing to help CIOs and other IT decision makers make smarter purchasing decisions - decisions informed by the knowledge and experience of other CIOs and IT decision makers.

Delta is free from vendor sponsorship or influence of any kind, and is guided by a steering committee of well-known CIOs, such as Charles Ewen, Christina Scott, Steve Capper and Laura Meyer.

Ten crucial technology areas are already covered at launch, with more data appearing and more areas being covered every week. Sign-up here for your free trial of the Computing Delta website.