SHvFl

Level 35
Verified
Trusted
Content Creator
Multiple people reporting on the Bitdefender forum that GandCrab has smashed their systems. So much for Bitdefender's anti-ransomware protection.
It could also be because bitdefender released the decryption tool for previous versions so they complain there. I would test it but there are so many GandCrab versions out there that it will be a waste of my time.
 
5

509322

It could also be because bitdefender released the decryption tool for previous versions so they complain there. I would test it but there are so many GandCrab versions out there that it will be a waste of my time.
Just looking at the threads, people are actively reporting encrypted files.

They don't have any backups...
 
5

509322

I saw a few but they didn't mention what they used just that they have encrypted files. It could be the need a decryption tool which is what i got from the replies following.
Don't get me wrong they might have bypassed Bd, I don't know. Just saw this.

gandcrab v5 0.4
I put BIS 2019 on 8 systems. It promptly came off within days. I thought for sure they fixed their scan exclusion problem. Nope. How utterly stupid of me. That was a n00b move on my part.

Then Bitedefender support making me needlessly jump through hoops. I told them get lost. We're not willing to tolerate it. As long as people keep letting them do it, they'll keep doing it. Bitdefender support is the worst.
 

SHvFl

Level 35
Verified
Trusted
Content Creator
I put BIS 2019 on 8 systems. It promptly came off within days. I thought for sure they fixed their scan exclusion problem. Nope. How utterly stupid of me. That was a n00b move on my part.

Then Bitedefender support making me needlessly jump through hoops. I told them get lost. We're not willing to tolerate it. As long as people keep letting them do it, they'll keep doing it. Bitdefender support is the worst.
I saw that. The forum guy is stupid and i am sure he didn't even bother to put the script in dropbox and whitelist.
 
5

509322

I saw that. The forum guy is stupid and i am sure he didn't even bother to put the script in dropbox and whitelist.
The refund takes 45 days.

I tried to mess with them to see if they would react any faster by stating hundreds upon hundreds of systems were involved. If they bothered to even read it, it sure didn't motivate them to do anything other than "Hey... jump through more hoops."

You get a clear idea of where a vendor is at if you mention large volume of licenses and observe their reaction.

Bitdefender has so many problems that its support is just crushed beneath an overwhelming number of support requests and tickets. You can see it. It's plainly obvious. When support contacts you weeks later - and I mean sometimes months later - what do they think they're doing ? Product uninstalled within days of initial support ticket due to non-reply.
 
Last edited by a moderator:

Mahesh Sudula

Level 16
Verified
Malware Tester
I saw a few but they didn't mention what they used just that they have encrypted files. It could be the need a decryption tool which is what i got from the replies following.
Don't get me wrong they might have bypassed Bd, I don't know. Just saw this.

gandcrab v5 0.4
Bitdefender ATC successfully blocked it. Firewall did allow for a while and ATC did clean the mess.
I did it in same day of F secure Test.
The files encrypted due to F secure were sucessfully decrypted by BIT defender Gandcrab latest decryptor though it is not for this specific variant.
I was shocked seeing it. I was abit hesitant but i think they share similar mechanisms and that did the trick here
Litreally 198 files were decrypted by their another gand crab decyptor out of 213. Kudos. i was though of posting it but anyway right time i think.
NOTE : the tool must be run individually in specific folder each and every time where decyption is necessary. Direct run/ whole sys scan yields nothing.!!if possible i will again make a video of this if time permits.
BD 100% blocked it . Don know why those chaos are going on in their forums.
 
Last edited: