SchoolBoys ransomware

The SchoolBoys ransomware was identified in recent weeks by cybersecurity researchers and has already been drawing attention by the recent discovery of it being linked to the same hacker group as the TommyLeaks ransomware.

According to research, the SchoolBoys ransomware was made with the LockBit 3.0 builder that was leaked on twitter. Several hackers have taken advantage of the leaked code, which has led to a large increase in ransomware extensions.

SchoolBoys performs attacks with the intention of encrypting the victim’s data and gaining a financial return by charging a ransom amount ranging from $400,000 to $700,000.

Upon receiving the ransomware on your machine, it encrypts all your data by adding an extension with random characters as in the following example: “example.jpg.snh5fgn4ie”. After encryption all files are inaccessible.

On the victim’s desktop is attached a ransom note also with random characters, containing inside instructions for negotiating the ransom with the hackers and getting the data back.

Recover files encrypted by SchoolBoys ransomware

Even with all files infected, we assert that yes, it is possible to recover files encrypted by ransomware.

Digital Recovery is a company that has been operating for over 23 years in the data recovery scenario bringing solutions in various data center models, including ransomware attacks on your devices.

With the necessary expertise, we have been able to recover files of the most varied extensions in existence.

We provide each client with our confidentiality agreement (NDA), to ensure the protection and secrecy of the operation.

To learn more, contact one of our representatives and request your diagnosis now.

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

AtomSilo Ransomware

Ransomware AtomSilo

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.