Makop Ransomware

Makop ransomware has been expanding through its affiliate program, RaaS (Ransomware as a Service), a tactic that aims to seek partners to carry out attacks by only charging a commission on top of the ransom value. This tactic is intended to expand the attacks by bringing renown to the group.

The main target of this group has been companies in South Korea, not that they ignore companies in Europe and America, but they focus is on Korea. The group’s main targets are companies in manufacturing, education, media, technology, construction, pharmaceutical, legal, engineering, and defense.

The group uses spam email campaigns, these emails contain employment forms and materials related to copyright infringement, the ransomware is hidden in these files, which once installed disables all programs that could stop it and starts the encryption process.

At the end of the process a desktop file with a name “readme-warning.txt” is left, this document contains the group’s demands and what ways the victim can contact them.

To demonstrate that the group has the decryption key, they decrypt two files for free, but with some conditions such as not containing valuable information to the company and also no larger than 1 MB.

Recover Files Encrypted by Makop Ransomware

Recovery of files encrypted by ransomware is a relatively new field, only companies that can develop technologies can do such recovery. A few years ago this kind of recovery was impossible, today however, some companies are able to recover the data affected by ransomware.

However, this recovery is extremely delicate, as any error can compromise the files even further, so it is important to have an expert do the entire process.

At Digital Recovery, the specialists are at your disposal, they have all the necessary tools and training to be successful in the recovery.

We can recover encrypted files on any data storage device, such as HDD, SSD, Database, Storages (NAS, DAS, SAN), RAID system, Virtual Machines.

All our processes are is supported by a high level of data protection and we also provide a non-disclosure agreement (NDA).

Contact our experts and see all we can do for you.

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

AtomSilo Ransomware

Ransomware AtomSilo

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.