Gandcrab Ransomware Exploits Website Vulnerabilities

Researchers find campaigns distributing Gandcrab by hosting malware on legitimate websites with poor security measures.

Gandcrab, among the newest threats in the ransomware space, started as a simple attack and quickly evolved as its authors adapted to security defenses. In the first two months of 2018, attackers infected more than 50,000 victims and generated more than 0,000 for attackers. This threat spreads via spam campaigns and exploit kits including Rig and Grandsoft.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

Talos researchers were analyzing a recent spam campaign when they found a series of compromised sites delivering Gandcrab and continued to identify four separate campaigns over the period of one week. The first started on April 30 and was disguised as an online order. An attached ZIP file has a Word document that downloads and executes the ransomware. Emails contained either VBScripts or ZIP files but always delivered the same result.

An illustration showing four lock icons
Image Source

Read more: Dark Reading

Latest Articles

Weak Defences: The Most Hackable Sports Passwords

We get it. Thinking of another password that you haven’t used before can be frustrating – especially when we have to change or update our passwords so regularly. But while it might be tempting to use your favourite sports teams and clubs as passwords, it’s a risky move for your cyber security.  Using unique passwords […]

7th April, 2025
Solving Network Security Issues for Rapidly Growing Global Businesses

Introduction Ryohin Keikaku is a global manufacturing and retail company that handles everything from product planning to sales for products known as “Mujirushi-Ryohin” in Japan and “MUJI” overseas. To keep pace with its rapid expansion—adding 100 new stores annually in Japan—and its growing global presence, now spanning 225 locations across 20 countries, including 50 stores […]

3rd April, 2025
Closing the Gaps in API Security: How to Build Visibility and Protection for Modern Enterprises

APIs may be your organization’s greatest enabler, but without proper context, they can become its Achilles’ heel. APIs power modern digital ecosystems, connecting applications, enabling seamless machine-to-machine communication, and driving operational efficiencies. However, as APIs become the backbone of enterprises, they also represent an expanding attack surface — one that traditional Web Application and API […]

27th February, 2025

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

    GlobalDots' industry expertise proactively addressed structural inefficiencies that would have otherwise hindered our success. Their laser focus is why I would recommend them as a partner to other companies

    Marco Kaiser
    Marco Kaiser

    CTO

    Legal Services

    GlobalDots has helped us to scale up our innovative capabilities, and in significantly improving our service provided to our clients

    Antonio Ostuni
    Antonio Ostuni

    CIO

    IT Services

    It's common for 3rd parties to work with a limited number of vendors - GlobalDots and its multi-vendor approach is different. Thanks to GlobalDots vendors umbrella, the hybrid-cloud migration was exceedingly smooth

    Motti Shpirer
    Motti Shpirer

    VP of Infrastructure & Technology

    Advertising Services