2 min Security

Criminals behind GrandCrab-ransomware are going to retire on millions of profits

The GrandCrab ransomware-as-a-service closes the books next month. The owners are going to enjoy their profits, which they believe have risen to more than 150 million dollars.

GrandCrab will give up soon. The cybercriminals behind the ransomware service are announcing its closure. GrandCrab was the most popular form of ransomware for a year. The virus was offered as a service. Aspirant criminals could buy GrandCrab, after which the original creators would set up a commission every time a victim paid. On a hacking forum, the makers now indicate that they have gained sufficient profit from that business model and that the pension is attractive. That’s what ZDNet writes.

Millions in profit

The GrandCrab builders claim to have earned $2.5 million a week and $150 million a month from their service, thanks to $2 billion in ransom payments made by victims. This claim is not immediately verifiable, and is probably quite inflated. The fact that GrandCrab is a gold mine for its makers seems to be beyond dispute. The criminals claim to have laundered their profits through various channels.

Customers of the service were advised to reduce their activities and cash in. They get 20 days for that. The GrandCrab makers don’t seem to be planning on releasing their decryption keys when they retire. On the contrary, they are threatening to destroy all the keys permanently. This means that in theory, victims will never be able to access their data again.

Dwindling popularity

Although GrandCrab was the most popular form of ransomware in the last half of the previous year and the first half of this year, the RaaS was still a bit on its way back. Over the past month, the number of infections with GrandCrab-ransomware is said to have fallen sharply. Nevertheless, the ransomware was still very popular. Last week a new attack came to light in which hackers targeted vulnerable MySQL databases.

Related: Hackers infect MySQL databases with GandCrab ransomware

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.