icon-logo
  • Ransomware

Ransomware Agenda

A new ransomware makes its appearance in the cyber world, the Agenda ransomware. Researchers have detected worrying moves on the part of this new group. In a short period of time they have already orchestrated several attacks targeting organizations in Asia and Africa.

The Agenda ransomware was developed in the Go programming language. A language widely used by hackers to develop malware.

The name Agenda comes from a post by a Dark Web user named ”Qilin” who is probably part of the ransomware distributors.

The group behind the Agenda ransomware executes well-targeted attacks on studied victim companies. In each invasion, the operating mode is very customized. In this way the Agenda ransomware is able to deeply damage company systems.

The ransomware is able to reboot systems into Windows safe mode and disrupts running server processes and services.

In an investigation into the group’s previous attack, researchers discovered that the group behind the Agenda ransomware used a Citrix server as an entry point into the victim’s environment.

Using leaked identities, the threat actors gained access to Active Directory via RDP and then scanned the network using the scanning tools Nmap.exe and Nping.exe.

With these strategies, the Agenda ransomware infected data from healthcare and education organizations in Indonesia, Thailand, Saudi Arabia, and South Africa.

Its ransom demands are relatively high and can range from $50,000 to $800,000.

Of course, an attack of this magnitude can turn many companies or organizations upside down. And at such times it is crucial to have competent professionals that can turn the situation around.

Recovering files encrypted by ransomware Agenda

Digital Recovery has been in the data recovery market for over 23 years. In that time we have managed to build a solid team of experts who act to recover data encrypted by ransomware.

We have developed unique solutions to recover encrypted files on almost all types of storage devices, such as servers, databases, virtual machines, RAID systems, and others.

All these solutions can be executed remotely and deployed quickly and securely to any company or organization worldwide.

We rely on confidentiality in our services because we understand the importance of guaranteed anonymity for our own customers. Also provide a confidentiality agreement (NDA).

We can start the recovery process immediately, just contact us and request an advanced diagnostic.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps companies recover data

TALK TO A SPECIALIST

Check out other posts

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionized digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Success Cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
DIGITAL FORENSIK
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Choose your country