GandCrab ransomware which made news last year has resurfaced again with new tactics and techniques. Cybersecurity firm CrowdStrike has detailed the ransomware’s recent activity in its latest blog.
According to the firm, the creator PINCHY SPIDER and its affiliates were found using techniques mainly associated with penetration testing teams as well as other adversary groups.
The big picture
“Big Game Hunting” tactics - CrowdStrike pointed out that the group’s new tactics may be part of a strategy to cripple large corporate networks.
“The change in deployment tactics observed in these recent incidents, coupled with PINCHY SPIDER’s advertising for individuals with skills in RDP/VNC and experience in corporate networking, suggest PINCHY SPIDER and their affiliates are expanding to adopt big game hunting tactics,” CrowdStrike researchers wrote in the blog.
The group was also seen aggressively advertising to find people with Remote Desktop Protocol (RDP) and Virtual Network Computing (VNC) skills to perpetrate large-scale ransomware attacks.