Extremely dangerous ransomware is attacking Vietnam
The Vietnam Computer Emergency Response Team (VNCERT) has just discovered a campaign spreading the GandCrab ransomware in many countries around the world, including Vietnam.
![]() |
According to VNECRT, the GandCrab ransomware is very dangerous, it can steal information and encrypt all data on the infected machine; hackers exploit and attack will cause many other serious consequences. The GandCrab ransomware is spread through the RIG vulnerability exploitation toolkit, when infected, all data files on the user's machine will be encrypted and the file extension will be changed to *.GDCB or *.CRAB, at the same time the malware generates a CRAB-DECRYPT.txt file to request and instruct users to pay a ransom of 400 - 1,000 USD by paying via DASH cryptocurrency to decrypt the data.
VNECRT requires specialized IT and information security units to monitor and block connections to servers controlling the GandCrab ransomware and update them to protection systems such as IDS/IPS, Firewalls, etc. In case of detecting GandCrab malware, agencies, units, and enterprises are required to quickly isolate the infected area/machine and report to the VNCERT Center (phone: 024 3640 4423 extension 112, hotline 0869 100319/ 0888 609399, email address for receiving incident reports is[email protected]).
VNCERT also requires users to be vigilant, not to open and click on links or attachments in emails containing .doc, .pdf, .zip files... sent from strangers or if the email is sent from an acquaintance but the subject line or language is unusual.