Researchers find campaigns distributing Gandcrab by hosting malware on legitimate websites with poor security measures.
Cryptominers may have stolen the spotlight as cybercrime’s hottest new trend, but it doesn’t mean we can stop paying attention to ransomware. Researchers at Cisco Talos detected a new batch of Gandcrab ransomware being distributed through legitimate but poorly secured sites.
Gandcrab, among the newest threats in the ransomware space, started as a simple attack and quickly evolved as its authors adapted to security defenses. In the first two months of 2018, attackers infected more than 50,000 victims and generated more than $600,000 for attackers. This threat spreads via spam campaigns and exploit kits including Rig and Grandsoft.