The Ransom Cartel has emerged with similarities to the REvil Sodinokibi ransomware, there are certain technical similarities between them, however, it is unclear whether it is really a copy of REvil or a new ransomware that is simply similar.
The files encrypted by Ransom Cartel feature the extension change, ‘.294l0jaf59.‘ is added. The ransom note closely resembles the note from the renowned Revil Sodinokibi.
The leaders of the REvil group remain with unknown fate, but numerous groups have attempted to take over the legacy left by REvil, which was one of the most lethal groups of recent times. Perhaps the Ransom Cartel is another such group.
To attack its victims, Ransom Cartel uses Phishing campaigns to access the device, and after the invasion it starts encrypting and blocking access from the administrators. After finishing the encryption process a ransom note is left on the desktop.
In the ransom note is left the information for the victim to contact the group and make the payment of the ransom, this contact is made by .TOR and the payment is made in cryptocurrencies.
Recover Files Encrypted by Ransom Cartel
With over 20 years in the market, Digital Recovery has the necessary know-how to recover data encrypted by ransomware. We can recover files stored in Databases, Virtual Machines, Storages, RAID Systems, Servers and others.
We do not negotiate with hackers, we can recover data even without the decryption key, we have exclusive technologies for this.
The confidentiality of information about processes and about our customers is guaranteed by the confidentiality agreement (NDA).
In cases where the affected media cannot be sent to our lab, we make data recovery remotely available; our solutions cover companies worldwide.
We can also perform emergency mode recovery, in which case our labs operate with 24×7 availability.
Contact us and start data recovery now.