Admin Locker Ransomware

The Admin Locker ransomware was first seen in December 2021, the group uses a junction of the RSA and AES algorithms for encryption, this algorithm is extremely complex and produces a decryption key that only the group has access to.

The Admin Locker targets all files stored on the device, as well as the backup system so that all possibilities of restoring the files are compromised.

The group uses numerous strategies to break into the victim’s system, the most used are by distributing pirated media, game cracks, software activators, but these are not the only ways the group can exploit other strategies such as spam email campaigns, phishing, among others.

The group adds extensions to the encrypted files, these are: .admin1, .admin2, .admin3, .1admin, .2admin or .3admin. All files with these extensions cannot be opened without the decryption key.

The group leaves a file on the desktop with the ransom terms as well as explaining how what happened to the victim’s files, some threats that the files can only be accessed with the help of the groups, and a link to the TOR browser for the victim to contact and negotiate the ransom amount.

The ransom amounts can easily reach thousands of dollars, and there is no guarantee from the group that the key will even be released after payment.

Recover files encrypted by Admin Locker ransomware

Digital Recovery has been in the data recovery market for over 23 years, and has specialized in the recovery of files encrypted by ransomware, in the vast majority of storage devices, such as Database, Storages, RAID System, Virtual Machines, Servers and others.

Our specialists are highly qualified and have developed solutions that can be applied remotely, we can recover data in any company in the world.

We provide all of our customers with a confidentiality agreement (NDA), because we know that confidentiality in these cases of ransomware attacks is vital.

Contact us and start the recovery right now.

Digital Recovery helps companies recover data

Check out other posts

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

AtomSilo Ransomware

Ransomware AtomSilo

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.