Security News > 2021 > March > GandCrab ransomware affiliate arrested for phishing attacks
A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims.
The GandCrab ransomware operation started in January 2018 when it quickly became a malware empire threatening businesses worldwide.
As first reported by TheRecord, a 20-year-old man was arrested on February 25th by South Korean police after an international investigation traced GandCrab ransom payments to withdrawals made by the suspect.
Included in the emails were attachments that would infect the victim with the GandCrab ransomware, encrypt files, and demand a $1,300 bitcoin ransom.
The police state that another suspect, who shared the GandCrab ransomware with the arrested individual, is still at large.
In July, Belarus law enforcement also arrested a 31-year old GandCrab member who acted as an affiliate for the ransomware operation.
News URL
Related news
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)