Ransomware XIII

The XIII ransomware is a member of the Phobos ransomware family. Phobos was one of the most successful ransomware attacks of 2021.

Like the vast majority of ransomware groups, Phobos ceased its activities after a large spike in successful attacks. But what is becoming very common is the creation of families by these groups.

XIII ransomware invades victims’ devices through malicious e-mails, illicit programs, phishing campaigns and other ways.

In the process of encrypting the data, the extension”.XIII” is added to the files. After that, files are created with the terms for the ransom, called “info.txt” and “info.hta”.

In the ransom note the victims are threatened that if they do not pay the ransom the files will be completely lost, and that the ransom must be paid in cryptocurrencies.

Inside this ransom note are two e-mails “xlll@imap.cc” and “xlll2@xmap.cc”, containing the website address to pay to receive the decryption key.

Government authorities discourage paying the ransom, as these amounts fund the group for further attacks. Digital Recovery has therefore developed technologies capable of recovering data encrypted by ransomware without the need for the decryption key.

Ransomware XIII

Recover Files Encrypted by XIII Ransomware

Digital Recovery specializes in the recovery of data encrypted by ransomware whether on HDDs, SSDs, Databases, Servers, Storages, Virtual Machines, RAID systems.

We can recover data remotely in a totally secure virtual environment, this solution is available for all countries in the world.

We offer our customers emergency mode recovery, in which mode our labs operate with 24×7 availability.

We make available to all our customers the confidentiality agreement (NDA), which guarantees the secrecy of all information about the process.

Contact us and start data recovery now.

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.