Security News > 2021 > March > GandCrab ransomware affiliate arrested for phishing attacks
A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims.
The GandCrab ransomware operation started in January 2018 when it quickly became a malware empire threatening businesses worldwide.
As first reported by TheRecord, a 20-year-old man was arrested on February 25th by South Korean police after an international investigation traced GandCrab ransom payments to withdrawals made by the suspect.
Included in the emails were attachments that would infect the victim with the GandCrab ransomware, encrypt files, and demand a $1,300 bitcoin ransom.
The police state that another suspect, who shared the GandCrab ransomware with the arrested individual, is still at large.
In July, Belarus law enforcement also arrested a 31-year old GandCrab member who acted as an affiliate for the ransomware operation.
News URL
Related news
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- Ransomware attack forces UMC Health System to divert some patients (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Underground ransomware claims attack on Casio, leaks stolen data (source)
- Casio confirms customer data stolen in a ransomware attack (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- BianLian ransomware claims attack on Boston Children's Health Physicians (source)