Quickbooks accounting software was launched in 1998 by Intuit, and since then it has taken over the accounting market, in 2008 the software was being used in 94.2% of retail units in the business accounting category in the United States.
Quickbooks has expanded its functionality and scope to become an internationally used software. It is compatible with Windows and MacOS operating systems, and provides automatic backup and storage in the cloud. The files it generates are given the extension .QBW and .QBB.
Given all this success, Quickbooks has become a target for cybercriminals, with phishing campaigns aimed exclusively at the software’s users, mainly from ransomware groups that aim to encrypt all data stored by the software, whether in the cloud or on storage devices.
Criminals have been forging emails impersonating Intuit, informing customers that their plans have expired and asking them to update their registration via a link or document attached to the email, which contains ransomware that will be installed once opened. This has been the primary means of attack, but it is not the only one.
After the invasion, the ransomware disables all system defenses and any program that can activate countermeasures to cripple the encryption.
In addition, the groups have developed their ransomware to specifically look for backups, to take away any option for the victim other than paying the ransom amount requested by the group for the release of the decryption key.
These amounts can easily reach millions of dollars, which must be paid in cryptocurrency, they are used because they are almost impossible to trace. The good news is that even if all the files have been encrypted, including the backup, there is still an alternative to paying the ransom, namely encrypted data recovery by specialized companies.
Recovery of Quickbooks File Encrypted by Ransomware
Digital Recovery specializes in the recovery of files encrypted by ransomware, whether on physical devices or virtualized environments. With more than 20 years of experience we have developed unique solutions for data recovery.
We can sign a non-disclosure agreement (NDA) with our clients.
We can also recover from any place in the world via remote recovery. In cases where recovery is an emergency, our labs operate with 24x7x365 availability.
During the entire process, the customer is followed by one of our specialists. We are able to start the recovery process right now, contact us.