icon-logo
  • Ransomware

Ransomware HelloKitty

The HelloKitty ransomware, also known as FiveHands, has become quite relevant, to the point of drawing the attention of CISA and the FBI.

The group was first spotted in December 2020 and remains active to this day. Their biggest publicized attack was on CD Projekt Red, the electronic game company known for “The Witcher” franchise.

HelloKitty uses the RRansomware as a Service (RaaS) tactic. Which allows ransomware to be bought and sold to anyone, thus making the group’s reach greater.

In most attacks systems are hacked from breaches caused by the vulnerability of the defense system known as SonicWall.

The FBI reported that in addition to encrypting the machine, the group puts pressure on the victim, giving them a deadline to pay, if the deadline expires the information will be leaked or sold to third parties.

For each target, the hackers make an assessment to determine a ransom amount, however all payments must be made with Bitcoin.

In December 2020 the featured victim was the Brazilian company Companhia Energética de Minas Gerais (CEMIG). The attack paralyzed the system for 3 days and the company’s staff chose not to negotiate with the group but to make a backup of all the information.

Thanks to this invasion, we had access to the encryption key that HelloKitty uses, the RSA-1024. A very common encryption algorithm among ransomware. After the data is encrypted the extension “.kitty” or “.crypted” is added to each infected file.

HelloKitty ransomware came from the same family as Scarab ransomware. And besides FiveHands it has other name variations like:

  • KittyCrypt
  • Kitty Ransomware

Recover files encrypted by HelloKitty ransomware

HelloKitty is one of thousands of ransomware extensions that exist on the Internet. And we at Digital Recovery have the profile to recover files encrypted by ransomware. We have been working with data recovery for over 23 years seeking to recover encrypted files without negotiating with hackers. Our company has a technology known as Tracer. Capable of drastically reducing file recovery time, elevating our results.

And we provide clients with a confidentiality agreement (NDA) that guarantees your data will not be disclosed.

If you are looking for solutions to recover data encrypted by ransomware, Digital Recovery is the right choice. Start your diagnosis now.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps companies recover data

TALK TO A SPECIALIST

Check out other posts

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionized digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Success Cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
DIGITAL FORENSIK
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Choose your country