
2018’s Most Prevalent Ransomware – We Took it for a Ride

Despite determined efforts to neutralize it, GandCrab ransomware has continued to evolve and spread throughout 2018. We took it for a ride.

GandCrab is an aggressive piece of malware that has struck nearly half a million victims since it was first detected in January 2018. It uses a variety of infection vectors to compromise endpoints, including email campaigns, websites and exploit kits such as Rig and GrandSoft.

The first stage of the infection collects data such as the computer name, OS version, and whether any legacy AV software is installed. It also checks whether the target machine has a Russian keyboard and, if not, proceeds to the next stage. That stage terminates applications and processes that the victim may be using for content creation, such as text editors and email clients. The malware infects every connected drive, except for CD-ROM media, and also ensures that any backup or shadow copies of the user data are deleted.
