0mega Ransomware

0mega is a new ransomware extension released in May 2022. The group uses double extortion strategies, just like LockBit and other hacker families.

The double extortion adopted by the ransomware variants, consists of in addition to charging a fee to recover the encrypted files, the groups threaten to expose the victim’s data if the negotiation does not take place.

The ransomware adds a “.0mega” extension to all infected files, blocking access and stealing the data. A ransom note called “DECRYPT-FILES.txt” is also inserted on the user’s desktop .

The 0mega ransom notes are customized for each victim. Containing company name, samples of stolen data and the link to their TOR domain. Only those who have suffered a ransomware attack have the login key to the site, as the ransom note has a blob (Binary Large Object) encoded in Base64. The group also contains a website dedicated to leaking corporate data that is being encrypted.

Currently the site claims to have access to over 150 gb stolen from a single target. And last month, one of the exposed companies was removed from the ransomware’s list, making the idea that ransom was held by the victim.

So far there is no information of amounts demanded by the 0mega and also the encryption algorithm has not been revealed.

Recover files encrypted by 0mega ransomware

0mega ransomware is just one of several malware families. Digital Recovery has been specializing in ransomware encrypted data recovery for years. We have developed methods to recover corrupted files on Database, Storage, NAS, DAS, SAN and any RAID level.

Due to the damage that data loss can cause, we offer services in emergency mode, providing a team of experts who will attend to your occurrence day and night without negotiating with hackers.

Our solution to deal with ransomware is totally remote, speeding up the recovery procedures. And for efficiency and success of our services, we operate within the General Data Protection Regulation (GDPR)

A company’s data and information are extremely sensitive files, and to prevent files from being leaked, we have our own confidentiality agreement (NDA).

Digital Recovery is prepared for any data loss scenario. Contact us and request a diagnosis right now.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Récupérer le Ransomware Makop

Makop Ransomware

The Makop ransomware has grown through its affiliate programme, RaaS (Ransomware as a Service), a tactic that aims to find partners to carry out attacks

Recover BlogXX Ransomware

Ransomware BlogXX

The BlogXX ransomware group recently emerged with the theft of patient data from Mediabank, an Australian health insurer, on October 12. According to authorities, the


Pozq ransomware

Pozq ransomware was recently discovered after a sample submission on VirusTotal. After some analysis, evidence was highlighted that Pozq may have a relationship with the


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.