We saved a US company from an attack by HiveLeaks ransomware, one of the most active groups in the market. We tell you all about it now.
It is becoming common to hear testimonials of companies that have had to close their doors because of ransomware attacks. Certainly, such an event can create traumas and complications for the smooth running of a business.
Large hacker groups like LockBit or BlackCat have been firing off attacks around the world looking for victims who will agree to pay the ransom to get their data back.
A Materials Engineering company was the victim of one of these attacks. Being a small company, the risk of suffering very serious impacts on the functioning of the business was very high.
The interesting point was that despite the extremely worrying situation, they ruled out the option of paying the ransom and funding future attacks and decided to look for experts in the field of data recovery.
The company then quickly found us through Google and initiated a contact with one of our experts.
After an initial call, our team was able to get a clear picture of the situation. It had already been two days since HiveLeaks had hacked into the systems, infecting a virtual machine in a Hyper-V environment. Around 400 GB of crucial information was locked by the encryption, leaving this data completely inaccessible.
In this scenario, the good news was that we had already dealt with cases similar to this one, so there was a high probability that Digital Recovery could help this company. This factor already brought a certain confidence to the client.
Of course, we didn’t want to work only with probabilities, but with tangible numbers. So we hit to perform advanced diagnostics on top of the encrypted data.
For security reasons we access the client environment via RDP with administrator and single user credentials.
After this diagnosis, we were no longer talking only of probabilities, but of concrete results. With the client’s agreement, we were then able to advance the project to a new phase, decryption.
It is true that this stage can generate a certain anxiety in wanting to see the result soon. Which is normal, after having to pause almost completely the activity of a company. Each day that passed without your business running represented for the client a lost revenue opportunity.
We then established, to contain anxiety, checkpoints throughout the project. In this way, there was a transparency of the processes on both sides.
Despite the certain complexity of the encryption, our specialists worked on this project for 2 days and in the end we managed to recover the encrypted files. At the end of the process, we scheduled an appointment with the client so he could validate and test his data.
The result was that 100% of the encrypted data was recovered and made available to the client to get their company back up and running.
Today, there is a possibility of recovery even after having suffered a ransomware attack. Nothing is lost! Digital Recovery has the technology and know-how to bring the solution your company needs.
Contact one of our experts and recover your data now.