According to a report by Codeware, the TOR site of
A Hidden Private Chat
GandCrab’s TOR site has been made with a hidden platform for private chats – which obviously gets enabled with the supposed ‘discount codes’. Once they are accessed, recovery firms with dishonest intentions go about hiding the final costs of ransomware removal for victims.
The Procedure of Accessing a Private Chat
When you have surfed on to the TOR site, you can easily access the plain chat. Once this has been done, you will have to click on the user interface and press CTRL+SHIFT+2. A private link will instantaneously appear in the plain chat box which will then ask you for a promo code. Once you have entered the promo code and slid the toggle, the chat will morph into a private one. Naturally, this chat will be inaccessible by the original victim.
Trust No One and Protect Your Self before Disaster
Now that the ransomware removal specialists can be seen joining forces with cyber criminals themselves, it is only obvious that your computer’s protection is in your hands. That being said, all you need to do here is to back up your data and have a good security plan in place. By doing so, you will have a great back-up strategy even if your files do get encrypted, and all you will need would be a system reboot.
Other than this, you should also have security software in place that has the ability to incorporate behavioral detections. These should simply not be signature detections and/or heuristics. By having these in place, ransomware removal won’t be necessary as the problem would be stopped before it occurs. Great examples of such software include Malwarebytes Anti Malware and Emsisoft Anti Malware.
What of These Shady Recovery Companies?
The best method of confirming the ransom amounts being asked for by companies is to talk to the past victims of the same ransomware. It may also help to get a second opinion from another ransomware removal company!
