icon-logo
  • Ransomware

Ransomware FiveHands

FiveHands Ransomware, also known as Hello Kitty ransomware, was discovered by CISA (Cybersecurity and Infrastructure Security Agency), a U.S. agency focused on cybersecurity, and its attacks have been going on since May 2020. The group uses the double extortion method, which in addition to blocking the files also threatens to leak them, this tactic is used to pressure the victim to pay the ransom as soon as possible.

In some cases, if the victim does not pay or respond quickly, they threaten a break-in to the company’s public website. The ransom payment is made in cryptocurrencies, the amount of the ransom varies depending on the size of the attacked company.

The initial access of the FiveHands ransomware is different from other ransomware, which attack victims through email campaigns, FiveHands uses VPN devices, this access allows them to generate a VPN profile and enter the victim’s target network, using the hostname and then deploy the ransomware thus initiating encryption.

The group became famous for attacking video game studio CD Projekt Red (producer of The Witcher and Cyberpunk 2077) in February this year. After the attack the group confirmed on the dark web that the information that was stolen from the studio had been sold to a third party, but this was never actually confirmed.

The attacks are usually aimed at Linux servers using virtual machines. After the invasion the ransomware encrypts the victim’s data, and together with pCloud synchronizes the files in the cloud, so that even if the victim shuts down the computer or the internet the group can extract the files to perform double extortion.

Recover Data Encrypted by FiveHands Ransomware

Authorities do not recommend paying the ransom, as such payments fund the criminal group with resources for further attacks.

Therefore, we at Digital Recovery have developed solutions capable of recovering files encrypted by ransomware. We can recover HD, SSD, Storage, RAID, Virtual Machines, Databases and others.

Working 24×7 in emergency mode. All our processes are backed by the confidentiality agreement (NDA) and in accordance with LGPD (General Law of Data Protection).

Even if you have received a negative diagnosis or lead times do not meet your expectations, we accept the challenge of analyzing your case, with online follow-up and real-time feedback throughout the process. Contact us and see what we can do for your company.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps companies recover data

TALK TO A SPECIALIST

Check out other posts

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionized digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Success Cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
DIGITAL FORENSIK
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Choose your country