At SecureWorks, researchers have currently spotted new ransomware that mimics GandCrab in coding. It possible may well as be an evolved version.
Fears Behind Pegging REvil To GandCrab
Researchers have come up with a list of reasons why they think GandCrab or the linking to REvil is of the same nature as GandCrab:
String decoding functions share the same set of protocols Both share URL binding functionality for controlling servers using commands Usage of similar terms like ‘gcfin’ and ‘gc6’ in the coding stem Decryption codes may be just the abbreviation pseudonyms for GandCrab Favoritism to Russians as the layout of keywords prevent from defecting Russian stations
However, in spite of the similarities, it is not certain that Revil is actually an evolved version of GandCrab. It may be the work of a lone wolf in the dark world. Though the operations of GandCrab were transparent and mentioned names, REvil, however, values their privacy and is very strict about disclosing of names of any individual from their team REvil is set to climb the ladder of being the most prolific ransomware of our times. You must update your systems whenever you get a notification for safety. Though nothing can be said for certain regarding the links between GandCrab and REvil, however, the damage they can ensure is not debatable.
