Security News > 2021 > March > GandCrab ransomware affiliate arrested for phishing attacks
A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims.
The GandCrab ransomware operation started in January 2018 when it quickly became a malware empire threatening businesses worldwide.
As first reported by TheRecord, a 20-year-old man was arrested on February 25th by South Korean police after an international investigation traced GandCrab ransom payments to withdrawals made by the suspect.
Included in the emails were attachments that would infect the victim with the GandCrab ransomware, encrypt files, and demand a $1,300 bitcoin ransom.
The police state that another suspect, who shared the GandCrab ransomware with the arrested individual, is still at large.
In July, Belarus law enforcement also arrested a 31-year old GandCrab member who acted as an affiliate for the ransomware operation.
News URL
Related news
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- Hunters International ransomware claims attack on Tata Technologies (source)
- Toronto Zoo shares update on last year's ransomware attack (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)