Night Sky Ransomware recently emerged, on December 28, 2021 to be exact, making attacks on two large companies, one of which is TGC (Tokyo Computer Service) one of Japan’s largest computer companies and AKIJ Group, one of the largest industrial conglomerates in Blangadesh.
TGC’s servers that were hit by ransomware contained employee data and other confidential files. According to the group, all the files were encrypted and a portion extracted to be used as blackmail.
Night Sky works in a way that we have seen in other groups, working as follows, if the victim contacts within 3 days of the encryption the ransom amount drops considerably. If the company is not willing to comply with the group’s requests, the stolen data is leaked on the group’s website.
If there is no communication with the group after a week, the communication account is deactivated, each company attacked has a specific means of communication, usually via e-mail (firstname.lastname@example.org).
This ransomware encrypts data from compromised corporate computers using a combination of AES + RSA algorithms and demands a ransom in BTC (Bitcoin) for the decryption key to be released.
Night Sky ransomware spreads via unsecured RDP setups, spam and malicious email attachments, phishing, fake downloads, botnets, exploits, malicious ads, web injection, fake updates, repackaged and infected installers.
Digital Recovery specializes in recovering data encrypted by ransomware of any length and variant, on any storage device, such as HDDs, SSDs, Databases, Virtual Machines, Storages, Servers, RAID Systems and others.
We have developed our own technologies for data recovery, among them is the Tracer, with which we have obtained good results in data recovery. Besides the Tracer, we have an exclusive technology that allows us to recover encrypted data remotely from anywhere in the world.
In emergency mode our labs work with 24/7 availability, the client decides if they want to activate this recovery mode, in this mode, the duration of the process is drastically reduced.
All our processes have been developed in accordance with the General Data Protection Act (LGPD) and we provide all our customers with a confidentiality agreement (NDA).
Start the recovery process now, contact our experts.