Ransomware attacks have been on the rise these past few years and new ransomware often emerges. This July, it was the case with the Rever ransomware that has some important characteristics.
The main target of Rever ransomware is Synology NAS and Windows Server systems. After breaking in, most often done via unprotected RDP or malicious emails, the attackers encrypt the files defined as important.
The .rever extension is then added to the original name of the files present on the Synology NAS. On the other hand, files from Windows Server environments are given a random .
Among the recorded attacks, the most commonly hit locations during intrusions are the \Desktop, \User_folders, and the \%TEMP% folder, which includes the login ID.
The attackers also use the Rever ransomware to generate a text file called “README_recovery.txt”, which is the equivalent of a ransom note. Victims can find the step-by-step necessary to contact the evildoers via the TOX CHAT instant messaging software and pay the ransom in Bitcoin.
In many cases, the group offers a free sample, decrypting a file as proof that they can do file restoration. But this is not a guarantee that the group will do the restoration after payment.
Recover files encrypted by Rever ransomware
Data loss due to ransomware attacks has been responsible for the closure of many companies in recent years. That’s why Digital Recovery is positioned as your best ally in this situation.
Our experts have developed unique and very efficient solutions. Today Digital Recovery is able to recover ransomware-encrypted data from almost any storage device, such as servers, databases, virtual machines, RAID systems and others.
Out of zeal for the security and discretion of our customers, we rely on a confidentiality agreement (NDA) in every project.
We have competent teams available 24/7 and a service in English, Portuguese, Italian, Spanish, and French. What’s more, it is likely that recovery of your data is possible completely remotely.
So contact us and recover your encrypted data.