GrandCrab Ransomware decryption utility developed by Bitdefender, Europol, the Romanian Police and with the support of other enforcement agencies.
The new decryption tool can recover files locked by GandCrab Ransomware versions V1 (GDCB extension), v4 (KRAB extension), and V5 (random 10-character extension, also the current/latest GandCrab version), respectively.
If you are victim then do not pay Ransom, just Download The GrandCrab Decryption and get back your data safely.
How GrandCrab Ransomware Works?
GandCrab Ransomware is distributed via multiple spreading vectors, which include spam emails, exploit kits and other affiliated malware campaigns. These spam emails trick users into opening the file contained inside the attached ZIP archive, which is generally a malicious script that downloads GandCrab ransomware and executes it.
It is scanning for all target document formats upon execution, and when it finds one, it will encrypt it and rename it using a randomly chosen five character extension.
After encrypting the files it wants to hold as hostages, GrandCrab will also create its ransom note to victim with detailed instructions can pay for their data restored.
How to use the GrandCrab Decrypter?
Step 1- Download the decryption utility provided by Bitdefender and save it somewhere on your computer. Please note that this tool requires an active internet connection. Without this prerequisite the decryption process won’t continue.
This tool REQUIRES an active internet connection as our servers will attempt to reply the submitted ID with a possibly valid RSA-2048 private key. If this step succeeds the decryption process will continue.
Step 2- Run the software, it should be saved on your computer as BDGandCrabDecryptor.
Step 3- Now Agree to the terms and conditions.
Step 4- Select “Scan Entire System” if you want to search for all encrypted files or just add the path to your encrypted files. We strongly recommend that you also select “Backup files” before starting the decryption process. Then press “Scan”.
Regardless of whether you check the “Backup files” option or not, the decryption tool attempts to decrypt 5 files in the provided path and will NOT continue if decryption is unsuccessful. This extra safety mechanism ensures that the decryption tool has yielded valid files. This approach may not suit testing decryption on 1 or 2 files, or attempting to decrypt files with different extensions.
Step 5- At this point, your files should be decrypted. If you checked the backup option, you will see both the encrypted and the decrypted files. To remove the encrypted files, just search for files matching the extension and remove them in bulk. We do not encourage you to do this, unless you doubled check your files can be safely opened and there is no trace of damage.
But according to Bitdefender, if you are infected by the version 2 or 3 (Crab extension file), then you will need to little wait for it. but do not pay the Ransom, the security firm are working on next version.
