The famous Super Mario character is involved in a new porn extortion cyber attack that uses GandCrab malware

Today cybersecurity researchers have discovered that GandCrab ransomware is back and active.
It seems that its creators are actively releasing new versions to keep and improve their 40% ransomware market share.

Everyone, from small cyber crooks to high-rank cybercriminals, can rent and spread the GandCrab ransomware.

This time the new ransomware version is more sentimental
Because we are at the beginning of spring, shortly after the month of love, the most common variant of the malicious e-mail has a romantic phrase in the subject line, a heart symbol in the body, and an attached ZIP file that is most often named Love_You with some digits at the end.

Researchers warn that anyone who downloads and executes the JavaScript file inside the archive will end up downloading the famous GandCrab ransomware.
If this huge mistake is made, the victim will be directed to a note explaining that all of the data on the computer has been encrypted and that a ransom can be paid to get it back.
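A mail gateway or triage script can check for the lure described above. The following is an added example, not code from the original article: it flags ZIP attachments whose name matches a Love_You-plus-digits pattern or that contain script files. The regex, the extension list and the sample message are constructed assumptions.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed pattern for the lure name the article describes: "Love_You" plus digits.
LURE_NAME = re.compile(r"^love_you[\W_]*\d+\.zip$", re.IGNORECASE)
# Script types Windows runs on double-click (an assumed list, not from the article).
SCRIPT_EXTS = (".js", ".jse", ".vbs", ".vbe", ".wsf", ".hta")

def triage_zip(filename, data):
    """Return a list of reasons a ZIP attachment looks like the lure."""
    reasons = []
    if LURE_NAME.match(filename or ""):
        reasons.append("lure-style archive name")
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for member in zf.namelist():
                if member.lower().endswith(SCRIPT_EXTS):
                    reasons.append(f"script inside archive: {member}")
    except zipfile.BadZipFile:
        reasons.append("unreadable archive")
    return reasons

def triage_message(raw):
    """Map each ZIP attachment name in a raw RFC 5322 message to its findings."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if name.lower().endswith(".zip"):
            findings[name] = triage_zip(name, part.get_payload(decode=True))
    return findings

def build_sample():
    """Constructed sample: a harmless message shaped like the described lure."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Love_You_2019.js", "// inert placeholder, not malware\n")
    msg = EmailMessage()
    msg["Subject"] = "I love you"
    msg.set_content("<3")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="Love_You_20190312.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage_message(build_sample()))
```

An attachment with any finding is a candidate for quarantine before it reaches the inbox; an archive that cannot be read is reported rather than silently passed.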

Remember, everything can be hacked. To stay away from threats related to the cyber world, we recommend installing an antivirus for Windows or an antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire a specialized cybersecurity company every year to run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests.

Short ransomware blocking history:
In 2017, a patch was released that fixed a vulnerability in a tool used to synchronize data between two management systems for IT companies. But not everyone installed that patch. Now, in 2019, GandCrab is targeting those who didn’t install the patch.

The most common ransomware spreading and deployment tactic:
Many e-mail attachments are lures. The hackers constantly exploit the opportunity to send malicious e-mails with a Word file attached. For example, if anyone opens the document and then clicks the Enable Content button, the GandCrab ransomware will be installed.

Similar spreading tactics:

E-mails that look like an invoice, a payment confirmation or a payment notice. Many of them contain a link that downloads a ZIP, a RAR file or an Excel file, which is protected by a password that is provided in the mail. And YES! All of those attachments deploy the GandCrab ransomware once they are executed.

Probably the most hilarious and newest method is the one that uses an image of Mario containing malicious code which downloads the malware.
The image contains malicious PowerShell code that downloads malware. During a malware analysis, it was discovered that Mario delivers GandCrab or the Ursnif trojan, which steals your banking and online account credentials.

These are the best practices you can use to avoid GandCrab’s encryption:
-Do not open unexpected e-mail! First, try to make sure that the message is genuine before opening it.
-Always keep a backup of all of your important data.
-Use a good and powerful cybersecurity solution.

We will continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or an antivirus for Mac on every device that you own, depending on which OS your machine is running. If you are a company, we recommend hiring a specialized cybersecurity company every year to run annual tests on your company’s network. Tests like this include penetration testing and ethical hacking.