Ransomware Xinglocker

The Xinglocker ransomware has been carrying out attacks since its first appearance around May 2021. It targets companies that use the Windows operating system.

After finding some access to the victim’s system, whether through email campaigns, malicious links, or human inadvertence, the malware begins to act upon the data.

After encryption, Xinglocker generates a text file “READ_ME.txt”. In it, there is the detailed step-by-step for the victim to contact the cybercriminals and pay the ransom amount for the return of their data.

The group responsible for Xinglocker attacks has been attacking companies around the world while maintaining its anonymity thanks to the Ransomware as a Service (RaaS) strategy.

At first, the Xinglocker ransomware was thought to be a new version, or a variant of the MountLocker and AstroLocker ransomware.

However, over the course of the attacks, studies showed that a slightly different system was being applied. Evidence of similar senders to the same onion address was highlighted and revealed a new franking system. Which in turn was based on another similar group, Mountlocker.

It is critical to emphasize that ransomware organizations are looking for innovative methods to put into practice in their affiliate programs and RaaS operations.

Recover files encrypted by Xinglocker ransomware

Due to the large number of ransomware attacks in recent years, Digital Recovery has specialized in the recovery of data encrypted by ransomware.

An in-house solution was developed that makes data recovery possible on storage devices, databases, virtual machines, RAID systems, servers, and other storage devices.

This technology dispenses with the need for the decryption key held by hackers. We do not negotiate with criminals.

We keep in mind that each project is unique, so we solve the real needs of all our clients.We have created our NDA (Non-Disclosure Agreement), which we make available to all our clients, because we are aware that information regarding hacker attacks is extremely sensitive.

If you have experienced an attack, make the right choice, Digital Recovery has the solution to your problem. Contact our experts now and get your data back.

Digital Recovery

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Descriptografar ransomware em servidores

Decrypt Server

Ransomware attacks on servers have become a growing threat, compromising the security of critical data and business operations. This article explores the nuances of file


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.