Ransom.SunCrypt

SunCrypt ransomware, also known as Ransom.SunCrypt, is one of the clear examples of how ransomware groups act after successful attacks on large companies.

After these attacks they shut down their activities for a while and soon after a new ransomware appears, which is just a derivation of the old ransomware, in other words they just change the name and continue with the same tactics.

The SunCrypt ransomware emerged under the name QNAPCrypt, also known as eCh0raix, they were known at the time for their attacks targeting the Linux operating system and searching for NAS (Network Attached Storage) servers, they specialized in this.

After some time and several successful attacks, the group disappeared and later emerged under the name SunCrypt, and has remained under that name ever since. But with a curious feature, the fact that they claimed to team up with the Maze barracks, which control the Maze, Lockbit and Ragnar Locker ransomware.

Three malware that have acted frantically and have become big among ransomware groups. SunCrypt claimed that it joined the group because they were not keeping up with the demand.

Interestingly, the Maze cartel later vehemently denied that SunCrypt had joined their cartel. There was no further word from SunCrypt on this.

But the fact is that after the supposed merger with Maze, SunCrypt attacks increased rapidly. We may never know if there was in fact such a union between them, but the fact is that the attacks continue. The group has focused on educational institutions and hospitals.

The group works with the RaaS (Ransomware as a service) tactic of outsourcing attacks, it has been seen on Dark Web forums the group is looking for partners who want to do attacks with their ransomware.

Ultimately it can be seen that SunCrypt is seeking authority on the global ransomware scene. This is worrisome because the way they consolidate themselves in the market is with successful attacks, this shows how committed the group is to increasing the numbers of their attacks.

Given this, it is important that you know a company that is able to recover files encrypted by SunCrypt ransomware.

Recover Files Encrypted by SunCrypt Ransomware

Digital Recovery is one of the few companies that are able to recover files encrypted by ransomware, this type of recovery requires technology that few companies have.

We were able to develop such a technology, we call it Tracer, it has obtained good results in cases of total and partial encryption of files.

We can recover data from virtually any storage device, be it a HDD, SSD, Database, Server, Virtual Machine, Storages (NAS, DAS, SAN), RAID system, and others.

All our processes are secure for data integrity and are compliant with NDA (Non-Disclosure Agreement).

Count on Digital Recovery to recover your data that has been encrypted.

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionized digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery