Banta Ransomware

The Banta ransomware is part of the Phobos ransomware family, which has been responsible for numerous attacks over the years. Banta was developed in .NET language and uses AES encryption.

Banta acts as a Trojan horse to break into the victim’s system, the file is downloaded via email, pirate download sites and others.

The file apparently looks normal, but the ransomware is hidden in it, and once it is downloaded, the ransomware installs itself and starts disabling programs that could interrupt the encryption process.

The ransomware can target Databases, Servers, Storages, Virtual Machines, RAID systems, these are the main targets of the group.

Through encryption access to data is blocked preventing the opening of files, the extension .banta is added to all affected files.

After the encryption is completed, a file is created and fixed on the desktop, where the victim’s information is recorded so that he/she can contact the criminals to pay the ransom.

The payment is made through cryptocurrencies, because they are practically untraceable. The e-mails used by the group are “ and”.

Banta Ransomware

Recover Files Encrypted by Banta Ransomware

Digital Recovery has been in the recovery market for over 23 years, developing unique technologies to recover files encrypted by ransomware.

Recovery can be performed on Databases, Servers, RAID Systems, Storage, Virtual Machines, and other devices. Our processes are customized, and can be adapted to any ransomware extension that made the attack.

We are used to working on highly complex cases, and the entire process is highly confidential, guaranteed by the confidentiality agreement (NDA).

We can recover data remotely, contact us and start the recovery process right now.

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.