Share on facebookFacebook
Share on twitterTwitter
LV ransomware has its code structure based on the structure of the REvil Sodinokibi ransomware, which was the tormentor of numerous companies after a wave of attacks in the United States.
After those attacks, the REvil group ceased its activities because of the attention its attacks received from the US government. It is unclear whether the group passed its code structure to GOLD NORTHFIELD, the group controlling the LV ransomware, or whether the group managed to break the malware’s code and adapted it for their group.
The emergence of a group like GOLD NORTHFIELD is a real concern because it shows to be a much larger organisation than other ransomware groups.
Like other ransomware groups, LV ransomware uses the RaaS (Ransomware as a Service) tactic, which is to attract affiliates to do the attacks, thus making the attacks spread easier and wider.
In addition to RaaS the LV ransomware relies on two active sites for leaking the hijacked data, this is a tactic that has become common.
The biggest weapon cybercriminals have is fear and ignorance of alternative ways to recover data, using threats to make the victim see no other way but to pay the ransom. Even though the victim does not have absolute certainty that the files will be returned intact, nor that in the future the data will not be leaked.
In the ransom note the group leaves on the victim’s system, we can notice a line with several threats and a proud tone that without them their data will not be recovered. Remember: they use misinformation as a weapon to generate fear in the victims.
Even without the decryption key, recovery is possible and Digital Recovery specialises in this.
Over the years and with the massive increase in ransomware attacks around the world, a race to develop technologies capable of recovering encrypted data has begun. And in this race, Digital Recovery stood out and today has the technology needed to recover data encrypted by any ransomware extension and on any storage device.
The knowledge and ability to develop technologies are our greatest differentials, in addition to personalised service and the monitoring of an expert from the first contact of the client until the end of the process.
All our processes were made to adapt to the real needs of each client, all these processes are in accordance with European General Data Protection Regulation (GDPR) and we also provide a non-disclosure agreement (NDA).
In our portfolio we have the remote recovery mode, this type of recovery can be done in almost any storage device, cheque the conditions with our experts.
We also offer emergency recovery mode, so our labs work 24×7 so that the process is done as quickly as possible.
Count on Digital Recovery’s experience to recover your encrypted files.