Ransomware Ragnar Locker

Ragnar Locker Ransomware acts differently from other ransomware, because in addition to invading the system and encrypting the data, it also shuts down installed programs that could cause you some risk (such as software updaters and anti-malware) and that can somehow fight the ransomware attack and stop its system invasion.

This Ransomware emerged in late 2019, and like many other known ransomware variants, (such as BlackMatter, LockBit 2.0 and REvil) Ragnar Locker uses a double extortion technique, to “force” victims to pay, where data is locally encrypted and filtered before the ransom demand is made. And if the victim refuses to pay, their data is published on a website located on the dark web.

Ragnar Locker also features the “wall of shame,” where a list of victims recently attacked by them is published.

Ragnar Locker only attacks Windows operating systems, and these attacks are completely unobtrusive because the malware is only 55 kb in size.

The first thing they do after the invasion is language scanning on the user’s system. For Ransomware avoids some countries and concentrates on Europe, the United States and Latin America.

Ragnar Locker also attributes attacks to some big companies, such as EDP (Portugal’s energy supplier) and Capcom (game developer), these attacks were million dollar attacks, one example, the group demanded EDP 10 million dollars so they could unlock and not leak the company’s data (which was valued at 10 TB of data).

Recover Files Encrypted by Ragnar Locker Ransomware

Digital Recovery specializes in Ransomware recovery, performing 24×7 work in emergency mode. Our specialists are fully dedicated to the customer, from the first contact to the delivery of the data.

We have our own tool called Tracer, which through millions of calculations recovers the files (without the decryption key), this tool not only assists in the recovery but speeds up the recovery process, which is faster and more effective, to the customer’s satisfaction.

Our processes are compliant with also provide NDA (Confidentiality Agreement).

And this is the most secure alternative of all, encrypted data recovery.

If you have been a victim of Ragnar Locker ransomware contact our experts and start the recovery process now.

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

AtomSilo Ransomware

Ransomware AtomSilo

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.