The Admin Locker ransomware was first seen in December 2021, the group uses a junction of the RSA and AES algorithms for encryption, this algorithm is extremely complex and produces a decryption key that only the group has access to.
The Admin Locker targets all files stored on the device, as well as the backup system so that all possibilities of restoring the files are compromised.
The group uses numerous strategies to break into the victim’s system, the most used are by distributing pirated media, game cracks, software activators, but these are not the only ways the group can exploit other strategies such as spam email campaigns, phishing, among others.
The group adds extensions to the encrypted files, these are: .admin1, .admin2, .admin3, .1admin, .2admin or .3admin. All files with these extensions cannot be opened without the decryption key.
The group leaves a file on the desktop with the ransom terms as well as explaining how what happened to the victim’s files, some threats that the files can only be accessed with the help of the groups, and a link to the TOR browser for the victim to contact and negotiate the ransom amount.
The ransom amounts can easily reach thousands of dollars, and there is no guarantee from the group that the key will even be released after payment.
Recover files encrypted by Admin Locker ransomware
Digital Recovery has been in the data recovery market for over 23 years, and has specialized in the recovery of files encrypted by ransomware, in the vast majority of storage devices, such as Database, Storages, RAID System, Virtual Machines, Servers and others.
Our specialists are highly qualified and have developed solutions that can be applied remotely, we can recover data in any company in the world.
We provide all of our customers with a confidentiality agreement (NDA), because we know that confidentiality in these cases of ransomware attacks is vital.
Contact us and start the recovery right now.
