Ransomware Sekhmet

The Sekhmet ransomware has been increasing the number of its attacks around the world, the group has similarities to the ransomware controlled by the Maze barracks. But even though there are similarities, it is not part of the barracks.

Sekhmet like the vast majority of ransomware groups uses RaaS (Ransomware a as Service) tactics and double extortion.

These two tactics are extremely dangerous and aggressive, RaaS exponentially increases the capacity of attack numbers and scope of these attacks. Double extortion, on the other hand, relies on locking the company’s system by encryption and extracting sensitive files for the company to use for blackmail.

The Sekhmet ransomware maintains a site for leaking files on the Dark Web, and companies are fined if sensitive customer data is leaked.

The main tactic implemented by Sekhmet to break into systems are spam email campaigns, these emails carry files that contain ransomware that when downloaded evades the system defenses and closes them, and also closes any program that could prevent the complete encryption of the files.

After encryption the system is locked and a document is left with the name “RECOVER-FILES.txt” this document leaves instructions on how the victim can proceed to recover their files.

The group provides decryption of at least three files to demonstrate that they have the real decryption key, and they say that after the ransom is paid they send a report to the victim showing how the break-in was done.

Sekhmet Ransomware

Recovering Files Encrypted by Ransomware Sekhmet

The only thing to do after having your files encrypted by ransomware, is to take counter measures that will lessen the financial damage to the company. And, there is no guarantee that the group will actually release the decryption key after payment.

In this scenario, the best option to do is to recover the encrypted data with a specialized company, which will not need a decryption key.

Few companies are able to do this recovery, among these companies is Digital Recovery. With more than 20 years of experience we have the necessary expertise to make the recovery with total security.

All our processes are backed by the General Law of Data Protection (LGPD) and the confidentiality agreement (NDA).

We can recover virtually any storage device, including HDDs, SSDs, databases, RAID systems, storages (NAS, DAS, SAN), virtual machines, and more.

Count on Digital Recovery to recover your encrypted files.

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.