Makop Ransomware

Makop ransomware has been expanding through its affiliate program, RaaS (Ransomware as a Service), a tactic that aims to seek partners to carry out attacks by only charging a commission on top of the ransom value. This tactic is intended to expand the attacks by bringing renown to the group.

The main target of this group has been companies in South Korea, not that they ignore companies in Europe and America, but they focus is on Korea. The group’s main targets are companies in manufacturing, education, media, technology, construction, pharmaceutical, legal, engineering, and defense.

The group uses spam email campaigns, these emails contain employment forms and materials related to copyright infringement, the ransomware is hidden in these files, which once installed disables all programs that could stop it and starts the encryption process.

At the end of the process a desktop file with a name “readme-warning.txt” is left, this document contains the group’s demands and what ways the victim can contact them.

To demonstrate that the group has the decryption key, they decrypt two files for free, but with some conditions such as not containing valuable information to the company and also no larger than 1 MB.

Recover Files Encrypted by Makop Ransomware

Ransomware decryption is a relatively new field, only companies that can develop technologies can do such recovery. A few years ago such recovery was impossible, however today, companies with Digital Recovery can recover the data.

However, this recovery is extremely delicate, as any error can compromise the files even further, so it is important to have an expert do the entire process.

At Digital Recovery, the specialists are at your disposal, they have all the necessary tools and training to be successful in the recovery.

We can recover encrypted files on any data storage device, such as HDD, SSD, Database, Storages (NAS, DAS, SAN), RAID system, Virtual Machines.

All our processes are is supported by a high level of data protection and we also provide a non-disclosure agreement (NDA).

Contact our experts and see all we can do for you.

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Descriptografar ransomware em servidores

Decrypt Server

Ransomware attacks on servers have become a growing threat, compromising the security of critical data and business operations. This article explores the nuances of file


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.