GandCrab Ransomware Explored

New ransomware accepts only DASH coins and uses .bit domains
05 February 2018   889

New ransomware, that demans ransom in DASH, explored by MalwareBytes.

As experts say, the threat was revealed last week by cyber security specialist David Montenegro, after which a number of companies and independent researchers began to study the extortion virus.

Ransomware is distributed using a malicious advertising campaign that has the identifier Seamless. To end users, malicious software is delivered through the already existing and popular exploits RIG and GrandSoft.

A characteristic feature of GandCrab is that it accepts payment only in DASH. According to experts, this is due to the fact that malicious software operators are attracted by the high anonymity of this digital currency.


The screenshot above shows that at first GandCrab requires 1.5 DASH for unlocking files, and after expiration of several days the amount of redemption is doubled.

Another feature of neww encryptor is the use of the censorship-resistant .bit domains of the Namecoin project. Their main feature is that they do not depend on ICANN, the main governing body for domain names. Thus, the peer-to-peer network principle and the absence of an administrative center make it impossible to remove the name.

On several .bit domains there are control servers of malicious software. It is also interesting that domains are mockingly named "in honor of" the famous companies working in the field of cybersecurity. For example: bleepingcomputer [.] Bit, nomoreransom [.] Bit, esetnod32 [.] Bit, emsisoft [.] Bit, and so on.

At the moment, the experts have not yet created a tool to counter GandCrab, as well as to decipher the relevant information.

Merchant Payments Ecosystem Conference to be Held in Berlin

On February 20-22, in Berlin, Germany, MPE will offer a quality program with important messages regarding evolving merchant payments ecosystem
15 February 2018   39

The Merchant Payments Ecosystem is one of the Europe’s biggest events covering payments and financial services innovation topics for eCommerce. The conference offers the chance to meet Europe’s most important payment providers covering PSPs, acquirers, payment processors, ISOs, schemes, regulators, gateways, POS HW/SW solution providers, MNOs and 3rd party providers.

MPE 18 location in berlinMPE'18 Exact Location

Location: InterContinental Berlin, Budapester Strasse 2, Berlin, Germany, 10785
Date: 20 - 22 Feb, 2018

The Merchant Payments Ecosystem Conference peculiarities:

  • 150+ Inspiring Speakers, providing actionable ideas ready for implementation
  • 1000+ Conference Attendees, merchants, acquirers, POS and payment provider
  • 90% Attendees are Decision Makers
  • 1 expo, 70+ sponsors
  • 20+ hours of networking in cozy atmosphere of 5 star hotel
  • 2 exclusive dinners, including recognised MPE Awards and Gala Dinner

As for the agenda of the conference, on day 1, Silvia Mensdorff-Pouilly will be part of the C-level panel discussing ‘’Innovative Payment Technologies creating magical moments for customers” amongst Visa, Sage Pay, and Feedzai. Moreover, Quintin Stephen will touch upon what needs to be learnt from other industries for a steady changing world of payments form factors in his keynote ‘Did you know - Omnichannel is 96 years old’.

On day 2, Dean Wallace will be speaking on corporates who want to use Immediate Payments and why, and what are the key challenges the industry needs to overcome to get this ball well and truly moving, presenting his keynote ‘Post PSD2, what will an immediate payments purchase experience look like’.