Ransomware Lilith

Lilith ransomware was discovered in June and has already been carrying out attacks on businesses using double extortion.

When the ransomware is executed the encryption code begins infecting the files, adding the “.lilith” extension, and data is stolen and locked. Lilith targets machines that use 64-bit versions of Windows.

A file with the ransom note is left by the group on the victim’s desktop. The attachment contains a link to the TOR network where negotiation via TOX can be carried out. The hackers give a 3-day deadline for the payment to be made. If the deadline expires, the victim risks having their data publicly exposed.

It is worth noting that there is no guarantee of getting the data back through negotiation, according to CISA (Cybersecurity and Infrastructure Security Agency), 80% of companies that resort to ransomware tend to be attacked again.

Like other groups, Lilith has a website that exposes encrypted companies. Recently a large construction network based in South America fell victim to the ransomware.

With each passing day, new hackers emerge to develop malicious software that infects systems. Because of this, companies in the field of data recovery work to bring the solution to lost data.

Recover files encrypted by Lilith ransomware

Suffering ransomware attacks is a huge loss for companies that can lead to days of delays in their productions. With this in mind, Digital Recovery has specialized in the area of recovery of files encrypted by ransomware.

We can say that in most cases it is possible to recover ransomware without negotiating with hackers. For this we have a team of engineers specialized in the area, we are willing to solve your problems quickly and efficiently.

Our services offer benefits to those who hire them, we can perform the recovery in a totally remote way, reducing the time for the delivery of results. In extreme cases, we have our emergency mode where our team works 24×7 to recover the files.

As a company, we know how valuable our data is, and to prevent it from being exposed, we offer each client a Non-Disclosure Agreement (NDA).

This ensures the confidentiality of each procedure.

If you have suffered a ransomware attack, request a diagnosis now and talk to our experts.

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar Ransomware BlogXX

Ransomware BlogXX

The BlogXX ransomware group recently emerged with the theft of patient data from Mediabank, an Australian health insurance company, on October 12. According to authorities,


Ransomware Pozq

The Pozq ransomware was recently discovered after a sample submission on VirusTotal. After some analysis, evidence was highlighted that Pozq may have a relationship with

Ransomware buybackdate

Buybackdate ransomware

Buybackdate ransomware is the name of the newest extension that was discovered by cybersecurity researchers through VirusTotal. According to the experts, buybackdate belongs to the


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.