Bitdefender has released a free decrypter that helps victims of GandCrab ransomware infections recover files without paying the ransom.
The decrypter is
available for download via the
NoMoreRansom project, of which Bitdefender is a member of.
Romanian Police and
Romania's DIICOT (Directorate for Investigating Organized Crime and Terrorism) announced the decrypter's launch in statements published on their sites, minutes ago. Europol is also expected to make a formal announcement later today.
Arrests were also made, a source in Romanian law enforcement has told Bleeping Computer, although they did not detail how many suspects were apprehended, their nationality, or the place of their arrest.
Bogdan Botezatu, Senior E-Threat Analyst, denied rumors that Bitdefender had taken control over one of the GandCrab command and control servers, and said that the company only created a simple decryptor.
Bitdefender claims the decrypter works with all known GandCrab versions, but several
users and security researchers [
1,
2] reported problems with the decryption routine. But, bare in mind, this is the decrypter's first version, and the decrypter may have bugs like any recently launched software. In these cases, Bitdefender recommends that users consult the official
GandCrab decrypter documentation, and if they keep having issues, optionally send an email to the address included in the PDF file.