The authors of the
The original GandCrab authors made money by creating the software and selling it to cybercriminals, who then effectively used it to make profits themselves.
Once an infected victim paid a ransomware demand, the ransomware authors gained a small commission during which the remaining money went to the cybercriminal who distributed the ransomware.
The authors announced to retire in an official thread on a prominent hacking forum where the offering of the
In the message posted on the public hacking forum, the
“We successfully cashed this money and legalized it in various spheres of white business both in real life and on the Internet,” the
“We have proved that by doing evil deeds, retribution does not come,” the
The GandCrab authors informed the renters of the ransomware via private email to diminish their activities and cash out within the following month since the service is going to be terminated.
The forum message also notified GandCrab victims. Notably, the
Previous ransomware activities that were shut down voluntarily released free decryption keys for victims, which allowed the victims to recover their data. The GandCrab authors have in the past released free decryption keys for every user infected in Syria.