Ransomware attacks on servers have become a growing threat, compromising the security of critical data and business operations. This article explores the nuances of file encryption by ransomware and solutions for decrypting servers. Ransomware is an advanced form of malware that encrypts a server’s files, preventing legitimate access to the data. Cybercriminals then demand a ransom to provide the decryption
A group that has remained in the shadows of the giants of ransomware attacks, but which has now shown itself to be a well-structured and accurate attacker, the Akira ransomware. The group was first spotted in March 2023 and, since then, it has been constantly attacking, but unlike the big ransomware, Akira has invested its attacks in medium-sized and small
The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is charged for the release of the decryption key. If the company makes contact with the group within the first 48 hours this amount can drop by half. AtomSilo appears to be a variant of the
Deeep ransomware works like other ransomware groups, it is part of the Dharma family. It encrypts the files stored on the attacked computer or the breached network, making them inaccessible. Deeep changes the extension of the encrypted files by adding “1.doc.id-9ECE4KF” and variations. The group uses RSA and AES encryption. After the files are encrypted, a document named “FILES ENCRYPTED.txt” is pinned to the
Soon after a new wave of LockBit 2.0 ransomware attacks, many companies saw their business come to a standstill because of data locked up by encryption. Here is a case of decryption for one of them. Through our website chat, we received a contact from one of the companies that was a victim of the recent LockBit 2.0 ransomware attack
The Pozq ransomware was recently discovered after a sample submission on VirusTotal. After some analysis, evidence was highlighted that Pozq may have a relationship with the Djvu group.
Buybackdate ransomware is the name of the newest extension that was discovered by cybersecurity researchers through VirusTotal. According to the experts, buybackdate belongs to the same ransomware family as ZEPPELIN.
The RedKrypt ransomware has been active in recent days carrying out ransomware attacks. Researchers detected it by analyzing samples submitted to VirusTotal, an attack reporting platform.
The SchoolBoys ransomware was identified in recent weeks by cybersecurity researchers and has already been drawing attention by the recent discovery of it being linked to the same hacker group as the TommyLeaks ransomware.
BlueSky Ransomware is a new extension discovered by researchers and has many similarities to another famous group, known as Conti.
Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.
Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery
