The RIG and GrandSoft exploit kits are used to distribute this strain of ransomware via phishing emails sent to victims. In the first month of distribution, the GandCrab strain is estimated to have infected about 50,000 computers, mostly in Europe, demanding a ransom of between 0 and 0,000 in DASH crypto-currency from each victim.