icon-logo
  • Ransomware

Ransomware HolyGhost

The Holy Ghost Ransomware is an organization that has been operating since June 2021, carrying out small-scale double extortion attacks. Its method consists of stealing information and threatening to expose it on its TOR domain.

According to the researchers, the group chooses not to attack large institutions that require time and complex strategies. But they aim to conduct smaller operations in several countries, targeting the financial, educational, and industrial sectors.

Holy Ghost encrypts the victim by adding the extension “.h0lyenc” to each infected file, blocking access to the information.

To obtain a financial return on its operations, the group asks for amounts ranging from 1.2 to 5 bitcoins in order to decrypt the victim’s data. It is worth noting that dealing with the group is extremely dangerous and can result in further losses.

Upon investigation, it was detected that Holy Ghost is North Korean, with no support from the local government, focused solely on the own income of the hackers involved in the project.

One feature that caught the attention of investigators is that the tools used by the group were created by another ransomware extension known as PLUTONIUM. This could indicate a possible connection between the groups.

It is common for ransomware groups to use different names in their attacks, Holy Ghost is just one of several names of the organization, it is also known as SiennaPurple, H0lyGh0st and DEV-0530.

Recover files encrypted by HolyGhost ransomware

Digital Recovery is able to recover files encrypted by ransomware without negotiating with hackers.

We have been working in the data recovery market for over 23 years, developing unique and innovative technologies that are prominent in the market.

We recognize the damage that file loss can do to victims, so our team of engineers is ready to tackle each occurrence with agility and efficiency. For most services, we offer a remote solution, preventing further damage.

We have also drawn up our own confidentiality agreement (NDA) that will result in information secrecy without risk of exposure.

We have already helped our clients not to lose millions of dollars by paying the ransom. For extreme cases, you can trigger the emergency mode, where our experts will provide exclusive 24×7 support.

Talk to one of our specialists now and receive a real-time diagnosis.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps companies recover data

TALK TO A SPECIALIST

Check out other posts

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionized digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Success Cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
DIGITAL FORENSIK
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Choose your country