icon-logo
  • Ransomware

Ransomware ProLock

The ProLock ransomware follows a specific strategy when choosing its victims. This strategy is called “Big Game Hunting,” referring to the fact that the group only attacks large companies.

This way, by having large companies or government networks as targets, the attackers are able to extract large payouts from the victims.

By the end of 2019 ProLock was already active, but under the name PwndLocker. In March 2020, researchers discovered a bug in the ransomware and made a decoder available for free.

After that, the group updated its ransomware to fix the known bugs, thus emerging a more powerful version that became known as ProLock.

According to security researchers, the ProLock ransomware uses the Qakbot Trojan horse to break into the system. Spam campaigns and malicious emails are the most common means of invasion for Qakbot.

Once the environment has been hacked and the ransomware launched to encrypt data on a host, the group wants to target nearby computers to generate maximum damage.

This maneuver, called lateral movement, can be done through the Windows vulnerability CVE-2019-0859 to gain administrator-level access on infected hosts.

ProLock can use these credentials to move laterally across a network via RDP, having a wider reach that can cause a lot of damage to the system and thus the functioning of an organization.

The ProLock group often asks for ransoms ranging from 35 to 90 BTC (from $400,000 USD to $1,000,000 USD) and the trend is only increasing in the coming attacks.

Recover files encrypted by ProLock ransomware

Digital Recovery has 23 years of experience in the data recovery market. We have been able to develop unique solutions that allow us to recover data encrypted by ransomware.

Because we understand the damage that data loss can do to its victims, our team of engineers is ready to respond to any incident quickly and efficiently. We provide remote solutions for most services, preventing future damage.

We have drawn up our own confidentiality agreement (NDA), which will ensure that information is not exposed.

We can guarantee a fast, personalized, and efficient service. Don’t waste time, talk to our team of experts and get your data back.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps companies recover data

TALK TO A SPECIALIST

Check out other posts

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionized digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Success Cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
DIGITAL FORENSIK
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Choose your country