Bitdefender releases a free GandCrab decryption tool

by Jake Doe - -

Experts cracked GandCrab ransomware that reigned since the beginning of 2018

Free GandCrab decryptor available at Bitdefender and No More Ransom!

Good news for those who cannot access their files due to the infamous GandCrab ransomware[1] attack. It took almost two months for Bitdefender, one of the leading global cybersecurity technology companies, to reveal a free Gandcrab ransomware decryptor.[2] 

Led by Bitdefender, a group of Romanian Police, the Directorate for Investigating Organized Crime and Terrorism (DIICOT) and Europol initiated an operation against GandCrab ransomware and eventually released a free decryptor as a part of No More Ransom[3]  project.

Since the January of 2018 GandCrab attacked PC via malspam campaigns, malicious online ads, and combination of two exploit kits. In less than two months, it struck more than 53,000 computers and stolen hundreds of thousands of personal files. It's not yet clear how much money extortionists earned. However, having in mind that GandCrab ransomware functions as a Ransomware-as-a-Service (RaaS)[4]  and demands for 1200 USD in Dash coins from each victim allow assuming that the income exceeds 600,000 USD:

GandCrab infections have reached up to an exorbitant $600,000+, orders of magnitude higher than is common in ransomware scams. Ransomware scammers more typically demand between $300 and $500.

Europol[5]  describes GandCrab as “one of the most aggressive forms of ransomware so far this year,” while Catalin Cosoi, a senior director of investigation at Bitdefender, refers to it as “one of the highest bidders.” Thus, the release of a free GandCrab decryptor is a big day for many.

The question can a free GandCrab decryption tool unlock files or not is still disputable

All volunteers can download a free GandCrab decryption tool from No More Ransom initiative at or the official Bitdefender's website.

The tool is for free, so it's definitely worth a try. However, people on social media is making a fuss about the decryptor, which turns out to be non-effective. According to MalwareHunterTeam,[6]  the tool failed to decrypt two GandCrab versions, including gandcrab 2.3.1r.

However, there's one essential condition to run a free GandCrab decryptor successfully:

The decryption tool attempts to decrypt five random files in the provided path and will NOT continue if the test is not successful. If you test the tool against a limited number of files make sure that you have AT LEAST 5 samples in the folder.

That's the reason why the decryptor may fail to work. In this case, you should test it on a folder, which contains more than five files appended with .GDCB file extension. In case decryption fails to work anyway, you can try alternative methods listed here.

GandCrab developers won't stop the attacks

Even though security experts surmounted the GandCrab developers who already confirmed that they were hacked and released decryption keys, experts presume that it's not the end.

Domain Killswitch points out to the lack of information regarding cybersecurity and tools like free ransomware decryptors. It's important to stress the fact that crypto-extortionists do not seek to attack tech-savvy people. He points out that the “visibility of these type of decryption tools outside of the tech and specifically infosec community is quite low.”

Therefore, the number of GandCrab virus attacks might decrease, though is not expected to break off completely. It's very important to spread the news about available free decryption utilities and other security news, which might help thousands of people to avoid inconveniences and serious problems. 

Prevent websites, ISP, and other parties from tracking you

Private Internet Access is a VPN that can prevent your Internet Service Provider, the government, and third-parties from tracking your online and allow you to stay completely anonymous. The software provides dedicated servers for torrenting and streaming, ensuring optimal performance and not slowing you down. You can also bypass geo-restrictions and view such services as Netflix, BBC, Disney+, and other popular streaming services without limitations, regardless of where you are.

A VPN is also crucial when it comes to user privacy. Online trackers such as cookies can not only be used by social media platforms and other websites but also your Internet Service Provider and the government. Even if you apply the most secure settings via your web browser, you can still be tracked via apps that you are connected to the internet. Besides, privacy-focused browsers like Tor is are not an optimal choice due to diminished connection speed.

Therefore, to stay completely anonymous and prevent the ISP and the government from spying on you, you should employ Private Internet Access VPN. It will allow you to connect to the internet while being completely anonymous, prevent trackers, ads, as well as malicious content. Most importantly, you will prevent the illegal surveillance activities that NSA and other governmental institutions are performing behind your back.


Recover your lost files quickly

Unforeseen circumstances can happen at any time while using the computer: it can turn off due to a power cut, a Blue Screen of Death (BSoD) can occur, or random Windows updates can decide to reboot the machine when you went away for a few minutes. As a result, your schoolwork, important documents, and other data might be lost.

Additionally, you might also be attacked by malware that can corrupt your Windows or encrypt files with a robust encryption algorithm, and ask for a ransom in Bitcoin for the decryption tool. Cybercriminals might not deliver what they promised, however, so it is better to attempt alternative file recovery methods that could help you to retrieve at least some portion of the lost data.

Data recovery software is one of the options that could help you recover your files. Once you delete a file, it does not vanish into thin air – it remains on your system as long as no new data is written on top of it. Data Recovery Pro is recovery software that searchers for working copies of deleted files within your hard drive. By using the tool, you can prevent loss of valuable documents, school work, personal pictures, and other crucial files.

About the author
Jake Doe
Jake Doe - Computer technology geek

Jake Doe is a News Editor at Ugetfix. Since he met Ugnius Kiguolis in 2003, they both launched several projects that spread awareness about cybercrimes, malware, and other computer-related problems.

Contact Jake Doe
About the company Esolutions


Your opinion regarding Bitdefender releases a free GandCrab decryption tool