Memento Ransomware

The Memento ransomware has used a very different tactic than other ransomware, unlike other groups that encrypt all files, Memento does not.

The group was unable to apply encryption to the files because the process was prevented by endpoint protection, a tool used by anti-ransomware software.

With this hindrance the group found another tactic, instead of encrypting all the files, the ransomware copies the files and transfers them to a private, password-protected folder, and the key to the folder is encrypted, and the original files are deleted.

Then, without the decryption key it will not be possible to access the folders, and besides holding the files “hostage” the group also removes some files to apply double extortion.

If the victim does not pay the ransom, the decryption key will be permanently deleted and the files that were removed will be leaked on the Dark Web.

In addition to this difference in the way encryption works, some of the invasions by Memento have identified the installation of cryptocurrency miners on victims’ servers.

This shows that Memento ransomware has been developed as malware that can go far beyond encryption and file theft.

Given this extremely complicated scenario, it is necessary to enlist the help of a company that is able to recover files encrypted by Memento ransomware.

Recovering Files Encrypted by Ransomware Memento

For over 20 years Digital Recovery has worked tirelessly on developing technologies capable of recovering data. All these years of experience enabled us to develop Trace, a technology capable of recovering files encrypted by ransomware.

Our processes are customized to meet the real needs of each client, and during the entire process the client is accompanied by one of our specialists.

We can recover data from virtually any storage device, such as HDDs, SSDs, Databases, Servers, Virtual Machines, Storages, RAID systems, and others.

All processes are done in a totally secure environment, with our services, our clients save more than 100 million dollars by not paying the ransom.

We are at your company’s disposal to recover all files that were lost or encrypted by the Memento ransomware.

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionized digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery