Soon after a new wave of LockBit 2.0 ransomware attacks, many companies saw their business come to a standstill because of data locked out of encryption. Here is a case of decryption for one of them.
Through our website chat, we received a contact from one of the companies that were victims of the recent wave of LockBit 2.0 ransomware attack. Amidst the desperation and distrust on the part of the customer, we were able to serve them in the best way possible.
After a while of talking, we were able to establish the project scenario, which was: All your virtual servers had been affected. The result of this was that, your VMs on Hyper-V and VMware could no longer boot.
Having this information, it was time for us to show that decryption of the files was possible. Due to the size of the data, the best option was to perform advanced remote diagnostics directly on the customer’s machine.
Com sua autorização, efetuamos o diagnóstico de um de seus três discos infectados, viabilizando assim a inicialização do processo de descriptografia dos dados. The client’s fear was gradually giving way to a perceptible relief at the new possibility of reviewing his data. And thus get your company up and running again.
Once our proposal was accepted, the disk was physically forwarded to our nearest laboratory. We agreed on a number of checkpoints during the project, which brought peace of mind to the client and his team. Our experts worked on the files for 3 days. For sure, this was one of the differentials that the client saw in Digital Recovery, a quick action and a short deadline for the process.
Happy to hear that the decryption was going very well, we quickly scheduled a time for the next day for the homologation of the data. “It’s all here!” That’s what he said when he saw that everything he had lost on the disk had been restored.
The disc was then sent to the client in the next few hours. Project completed successfully and in a very short time, as promised.
When faced with the success of the decryption, the client did not want to take long for us to leave for a new project regarding their two remaining disks also attacked. The result of this journey, after deciding not to negotiate with the hackers, was that all their files were successfully decrypted. This equates to over 1.5TB of information crucial to the smooth running of the company.