Fast Data Recovery
The Ransomware Recovery Experts
[ GandCRAB Ransomware Decryption ]

Fast Data Recovery Free & Emergency Ransomware Evaluation will provide a fixed price for complete ransomware data recovery.

It only takes 3 minutes to complete

The Ransomware Recovery Experts

YES, we are able to recover from all types of Ransomware infections including GandCRAB. All our work is guaranteed or your money back!

Submit a case for same day ransomware evaluation service from a recent GandCRAB RANSOMWARE attack or to learn more about the process of ransomware recovery

GandCRAB Ransomware was released in December 2016 approximately and seems to be very profitable for the hackers and continues development until now

The older versions of GrandCrab (prior to August 2018 GandCRAB can be decrypted free of charge), however it was shortly leaved as the criminals release version 5.04 in  September 2018 which will not be decrypted unless you use a specialised recovery company like Fast Data Recovery.

GandCRAB intially reported in Jan 2017 with a new strain every couple of month that encrypts target user data with the .[randome GandCRAB extension]. The new GandCRAB version 3 recently released Sep 2018 shows criminals behind it are interested in its continued development.

Fast Data Recovery guarantees recovery from all versions including the recently released version.

Ransomware is costing businesses more than $75 billion per year with a business attached every 2 minutes on average.

Global cybercrime damages predicted to cost $6 trillion by 2021,(Source: Kaspersky)

Ransomware attacks have increased by 600% in 2017

GandCRAB Ransomware Recovery and decryption service

Other Ransomware Statistics:

  • 63% of confirmed data breaches involved leveraging weak, stolen or default passwords and usernames
  • 22% of small business breached by ransomware attacks in 2017 were so badly affected, they could not continue operating
  • 30% phishing emails were opened and 12% clicked on infected links or attachments.

Source: https://www.oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme

Most ransomware infections occur due to weak security or fraudulent emails trap leading victims into opening an attachment.

Fast Data Recovery is the largest ransomware recovery company based in Australia / Sydney and supporting clients internationally with a 24/7 recovery team.

We understand the value of data and work extremely hard to recover your business data as fast as possible.

Fast Data Recovery has the tools, knowledge, and experience for complete ransomware data recovery, ransomware removaland further ransomware prevention. and can all your Dharma GandCRAB files decrypted in 24 hours in some cases

We have a 100% success rate on recovering data from ransomware attacks and we operate on a no data = no charge policy for peace of mind.

If this is an emergency, Please select our priority service for expedited service when submitting an online case (1-4 hours response time*) or select FREE Evaluation for standard turnaround (up to 10 days) at no cost.
* Cost of the evaluation will be deducted form the cost of the recovery.

Based on the analysis we will provide you with a fixed quote and can have your files recovered in most cases within 24 hours*

Please keep in mind that there is a possibility that your insurance policy may cover the cost of this service after the deductible is met.


GandCRAB ransomware is a Trojan hose that encrypts files on the compromised computer and demands a payment to decrypt them. The new GandCrab V5 Released With Random Extensions and New HTML Ransom Note

  • Initial Rapid Release version January 30, 2018 revision 023
  • Latest Rapid Release version November 30, 2018 revision 023
  • Initial Daily Certified version January 31, 2018 revision 002
  • Latest Daily Certified version November 29, 2018 revision 001
  • Initial Weekly Certified release date January 31, 2018

If you are a victim of this variant you will be asked to make a payment by the hackers – DONT DO IT.  Most likely you will simply lose your money and it’s semi-illegal not to mention you are supporting criminals activities resulting in more and more attacks.

Submit an online case or talk to our ransomware specialist to assist with GandCRAB Ransomware recovery


One of the most popular distribution methods is the coordination of SPAM messages. They are designed to appear as legitimate notifications that are regularly received by computer users. The virus files can be either attached directly or linked in the body contents.

A similar strategy is to create fake web pages that can coerce the users into thinking that they have accessed a legitimate vendor site or download portal. These two methods are commonly used to spread malicious payloads. A common form is inclusion of malicious macros in documents of various types: rich text documents, presentations, spreadsheets and databases. Once they are opened by the users a notification prompt will pop-up asking them to enable the built-in content. If this is done the virus infection will begin.

Security researcher  has discovered that the GandCrab v5 ransomware is currently being distributed via malvertising that redirects to sites hosting the Fallout_explot kit.  As the exploit kit utilizes vulnerabilities in the visitors software to install the software, a victim will become infected without knowing about it until they find the encrypted files and ransom note.


If you are infected with the GandCRAB ransomware, you most likely will experience some (or all of) the following:

  • Pop-up message advising you that your data has been encrypted and demanding that you pay a ransom.
  • Files won’t open.
  • Files have been renamed with a new extension added (GandCRAB – 5 random Id) and a contact hackers email address
  • Applications won’t open.
  • Antivirus software is disabled.
  • Computer system locked down.
  • Computer system running slowly.

Submit an online case or talk to our ransomware specialist to assist with GandCRAB Ransomware recovery


When GandCrab v5 is executed it will scan the computer and any network shares for files to encrypt. When scanning for network shares, it will enumerate all shares on the network and not just mapped drives. Therefore, it is important to make sure all network shares are locked down on your network.

When it encounters a targeted file, it will encrypt the file and then append a random 5 character extension. For example, when I tested the ransomware it appended the .lntps extension to the encrypted file’s name. This would cause a file called test.doc to be encrypted and renamed to test.doc.lntps.


In order to protect yourself from the GandCRAB, or from any other ransomware, it is important that you use good computing habits and security software. First and foremost, you should always have a reliable and tested backup of your data that can be restored in the case of an emergency, such as a ransomware attack.

You should also have security software (please talk to us about our recommendations) as most antivirus does not give you complete protection

Last, but not least, make sure you practice the following good online security habits, which in many cases are the most important steps of all:

  • Backup, Backup, Backup!
  • Do not open attachments if you do not know who sent them.
  • Restrict RDP access
  • Make sure all Windows updates are installed as soon as they come out! Also make sure you update all programs, especially GandCRAB, Flash, and GandCRAB Reader. Older programs contain security vulnerabilities that are commonly exploited by malware distributors. Therefore it is important to keep them updated.
  • Make sure you have a recommended security software installed.
  • Use complex passwords and never reuse the same password at multiple sites.


The Ransomware Recovery Experts

Some of the Ransomware infections we can recover

  • Cryptolocker / Crypt0L0cker
  • Cesar
  • Arena
  • Lukitus
  • Aleta
  • Gryphon
  • Nemesis
  • Dharma
  • Australia Post Cryptolocker
  • No_more_Ransom
  • GandCrab
  • CTB Locker
  • Teslacrypt
  • Virus data recovery
  • Malware data recovery
  • BTCWare
  • Purge
  • Cerber
  • Blackout
  • Mircop
  • Locky
  • Lockrypt
  • Master
  • Onion
  • NM4
  • Emergency Ransomware Recovery
  • All Variants of Jave Ranswomare
  • +++more

Why Choose Fast Data Recovery!

Trust the largest ransomware recovery service in Australia and New Zealand with a growing list of international clients with your data recovery


  • Guaranteed Ransomware Data Recovery Success Rate
  • Free Evaluation or Priority Evaluation for more urgent recoveries (4-24 hour response)
  • No Obligation Quotes
  • No Data = No Charge
  • Priority Data Recovery Service
  • Fast Ransomware data recovery turn around
  • Ransomware Specialist
  • 10+ years of data recovery experience
  • Hundreds of happy clients
  • International clients

Our Services

Fast Data Recovery offers an extensive range of ransomware decryption and prevention services. Click on the links below to find out more.

Shortly About Us


Fast Data Recovery is the largest ransomware recovery service in Australia and New Zealand with a growing list of international clients.


We have a dedicated team working around the clock in decrypting, analyzing and preventing ransomware attacks with guaranteed results.


Whether you’re an individual or business who needs data recovered from a recent locky, cryptolocker, Aleta, Gryphon and the like, Fast Data Recovery has the right tools, state of art equipment and best industry knowledge for guaranteed ransomware recovery, ransomware removal and ransomware prevention.

What our clients say

Review more independent clients testimonials

The Ransomware Recovery Experts

GandCRAB Recovery


Language >>