Security News > 2021 > March > GandCrab ransomware affiliate arrested for phishing attacks
A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims.
The GandCrab ransomware operation started in January 2018 when it quickly became a malware empire threatening businesses worldwide.
As first reported by TheRecord, a 20-year-old man was arrested on February 25th by South Korean police after an international investigation traced GandCrab ransom payments to withdrawals made by the suspect.
Included in the emails were attachments that would infect the victim with the GandCrab ransomware, encrypt files, and demand a $1,300 bitcoin ransom.
The police state that another suspect, who shared the GandCrab ransomware with the arrested individual, is still at large.
In July, Belarus law enforcement also arrested a 31-year old GandCrab member who acted as an affiliate for the ransomware operation.
News URL
Related news
- NoName ransomware gang deploying RansomHub malware in recent attacks (source)
- Port of Seattle hit by Rhysida ransomware in August attack (source)
- Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks (source)
- AutoCanada says ransomware attack "may" impact employee data (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Embargo ransomware escalates attacks to cloud environments (source)
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- Ransomware attack forces UMC Health System to divert some patients (source)