Soon after a new wave of LockBit 2.0 ransomware attacks, many companies saw their business come to a standstill because of data locked up by encryption. Here is a case of decryption for one of them.
Through our website chat, we received a contact from one of the companies that was a victim of the recent LockBit 2.0 ransomware attack wave. Amidst the desperation and distrust on the part of the customer, we were able to assist them in the best way possible.
After some time talking, we were able to establish the project scenario, which was: All your virtual servers had been affected. The result of this was that your VMs in Hyper-V and VMware could no longer boot.
With this information, it was time to show that decryption of the files was possible. Due to the size of the data, the best option was to perform advanced remote diagnostics directly on the customer’s machine.
With his authorization, we performed the diagnosis of one of his three infected disks, thus making it possible to start the data decryption process. The customer’s fear was gradually giving way to a perceptible relief at the new possibility of reviewing his data. And thus get your company back in full working order.
Once our proposal was accepted, the disk was physically forwarded to our nearest laboratory. We agreed on a number of checkpoints during the project, which brought peace of mind to the client and his team. Our experts worked on the files for 3 days. For sure, this was one of the differentials that the client saw in Digital Recovery, a fast action and a short process time.
Happy to hear that the decryption was going very well, we quickly scheduled a time for the next day for the homologation of the data. “It’s all here!” That’s what he said when he saw that everything he had lost on the disk had been restored.
The disk was then shipped to the customer in the next few hours. Project completed successfully and in a very short time, as promised.
After the successful decryption, the client did not want to delay long before we set off on a new project concerning their two remaining disks that were also attacked. The result of this journey, after deciding not to negotiate with the hackers, was that all their files were successfully decrypted. This amounts to more than 1.5TB of information crucial to the smooth running of the company.