Tens of thousands of GandCrab spam emails are being distributed each day, with mail servers hosted in the US by far the most common target, accounting for three quarters of deliveries. When it comes to successful infections, the US currently accounts for the fourth largest percentage of victims, behind Peru, Chile and India.
The best response to GandCrab and ransomware in general, say researchers, is to "always have a backup stored in an isolated network environment in order to successfully recover a compromised system". They also recommend that the best defence is "good cyber hygiene and safe practices".
Fortinet also note that the IP address distributing GandCrab isn't just limited to ransomware - it's also hosting other malware including the backdoor access and control worm Phorpiex, the IRCbot trojan and a cryptocurrency coin miner.