Super Mario image found in use by the cybercriminals behind GandCrab
The GandCrab ransomware is using an image of Super Mario to target users in Italy.
Cybersecurity experts discovered that the cybercriminals behind GandCrab are using steganography (a method used by cybercriminals to conceal data and malicious files inside a file that still looks like the original) to spread the malware. They combine it with Microsoft PowerShell commands that launch the virus, manipulating the blue and green pixels of an image of Mario, the iconic character of the Super Mario franchise.
Matthew Rowen, a computer security researcher at Bromium, described GandCrab's malicious payload as including a "Trojan horse."
GandCrab ransomware is one of the most widely used file-locking malware families in destructive campaigns, and it works together with other infection software, using sophisticated methods such as exploit kits.
The developers of GandCrab have shown that they are still working on improving their techniques to spread it and obtain more fraudulent profits.
Security experts found an Excel document with macros that release the payload only if the user is in Italy.
The researchers discovered that the macro recognizes the user by the keyboard layout and, if the PC does not use the Italian country code.
Keep in mind that these infected emails pose as payment notices and are written in Italian.
To view the file carrying GandCrab, the user must click "Enable Editing", which subsequently infects the computer.
The Bromium researchers discovered that the macro begins by invoking the command prompt and Windows PowerShell.
The Windows PowerShell commands are concealed in the Super Mario image, hidden in the blue and green color channels, which are altered to carry the necessary content. Distinguishing an infected image from the original is technically impossible, which makes it easier for users to end up affected.
Finally, the malicious payload contacts an external server to download GandCrab v5.1, after which all of the user's data is modified with a sophisticated algorithm.
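The process chain described above (Excel starting the command prompt, which starts PowerShell) can be searched for in process-creation telemetry. The following is an added example, not code from Bromium or from this article; the event fields (`pid`, `ppid`, `image`) and the sample records are constructed for illustration.

```python
# Added example: flag PowerShell processes whose nearest non-shell ancestor
# is an Office application. Field names and sample events are constructed;
# map them to your own process-creation telemetry.
OFFICE = {"excel.exe", "winword.exe", "powerpnt.exe"}
SHELLS = {"cmd.exe"}
TARGETS = {"powershell.exe", "pwsh.exe"}

SAMPLE_EVENTS = [  # constructed sample data
    {"pid": 100, "ppid": 1, "image": r"C:\Windows\explorer.exe"},
    {"pid": 200, "ppid": 100, "image": r"C:\Program Files\Microsoft Office\EXCEL.EXE"},
    {"pid": 210, "ppid": 200, "image": r"C:\Windows\System32\cmd.exe"},
    {"pid": 220, "ppid": 210,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    # Benign-looking chain: a user opening a console from the desktop.
    {"pid": 300, "ppid": 100, "image": r"C:\Windows\System32\cmd.exe"},
    {"pid": 310, "ppid": 300,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
]

def basename(path):
    """Lower-cased executable name from a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def lineage(pid, by_pid, max_depth=16):
    """Image names from the process up to the root, child first."""
    chain, seen = [], set()
    while pid in by_pid and pid not in seen and len(chain) < max_depth:
        seen.add(pid)  # guards against loops caused by PID reuse
        chain.append(basename(by_pid[pid]["image"]))
        pid = by_pid[pid]["ppid"]
    return chain

def find_office_spawned_powershell(events):
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        if basename(e["image"]) not in TARGETS:
            continue
        chain = lineage(e["pid"], by_pid)
        i = 1  # skip intermediate command prompts above PowerShell
        while i < len(chain) and chain[i] in SHELLS:
            i += 1
        if i < len(chain) and chain[i] in OFFICE:
            alerts.append({"pid": e["pid"], "chain": " <- ".join(chain[: i + 1])})
    return alerts

if __name__ == "__main__":
    for alert in find_office_spawned_powershell(SAMPLE_EVENTS):
        print(alert)
```

The same check also fires when an Office application starts PowerShell directly, without a command prompt in between.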
Users receive a ransom demand to "recover their files", asking them to pay a certain amount of money. Personally, we advise you not to fall for the scam of paying: recovery almost never happens, the possibility of getting the files back is almost nil, and by then your money will already be in their hands.
We recommend using free decryptors published by security experts or using third-party software. But most importantly, ignore suspicious emails or messages from dubious sources to avoid having your files held hostage.