Decrypting HiveLeaks Ransomware is possible, here’s how!

We saved a US company from an attack by the HiveLeaks ransomware, one of the most active groups on the market. We tell you all about it now.

It is becoming common to hear from companies that have had to close their doors because of ransomware attacks. Such an event can be traumatic and can seriously complicate the running of a business.

Large hacker groups like LockBit or BlackCat have been firing off attacks around the world looking for victims who will agree to pay the ransom to get their data back.

A materials engineering company was the victim of one of these attacks. Because it is a small company, the risk of very serious impact on its operations was high.

The interesting point was that, despite the extremely worrying situation, they ruled out paying the ransom, which would fund future attacks, and decided to look for experts in the field of data recovery.

The company quickly found us through Google and contacted one of our experts.

After a first call, our team was able to get a clear picture of the situation. It had already been two days since HiveLeaks had hacked into the systems, infecting a virtual machine in a Hyper-V environment. About 400 GB of crucial information was blocked by the encryption, leaving this data completely inaccessible.

The good news in this scenario was that we had already dealt with similar cases, so there was a high probability that Digital Recovery could help this company. That alone gave the customer some confidence.

Of course, we didn’t want to work only with probabilities, but with tangible numbers. So we decided to perform advanced diagnostics on the encrypted data.

For security reasons we access the client’s environment via RDP with administrator credentials and a single user.

After this diagnosis, we were no longer talking only about probabilities, but about concrete results. With the client’s agreement, we were then able to advance the project to a new phase: decryption.

This stage can create some anxiety to see the result quickly, which is normal after a company has had to pause its activity almost completely. Each day that passed without the business running represented lost revenue for the client.

To contain that anxiety, we established checkpoints throughout the project. This kept the process transparent on both sides.

Despite the complexity of the encryption, our specialists worked on this project for 2 days and in the end we were able to recover the encrypted files. At the end of the process, we scheduled an appointment with the customer so he could validate and test his data.

The result was that 100% of the encrypted data was recovered and made available to the client to get his company up and running again.

Today, there is a possibility of recovery even after you have suffered a ransomware attack. Nothing is lost! Digital Recovery has the technology and know-how to bring the solution your company needs.

Contact one of our experts and recover your data now.
