AKO Ransomware

AKO ransomware emerged in 2020, and since then a few variations have emerged, today there is an active variation responsible for numerous attacks around the world.

Despite the changes and time the AKO group remains with the same tactics, double extortion remains in use.

The group specialises not only in encrypting the victim’s data, but also in stealing it. After the malware accesses the target system, it makes copies of all stored files, these copies are sent to a remote server and are used to blackmail the victim.

The main target of the ransomware is to hit the backup, the malware is designed for that, so that there is no possibility for the system to be restored by the victim.

The encrypted files are given a random extension to their name, all files with this extension cannot be opened or changed.

The ransomware generates a file that is pinned to the desktop, it contains the means for the victim to contact the criminals for ransom negotiation.

Recover files encrypted by AKO ransomware

Digital Recovery specializes in the recovery of files encrypted by ransomware, we are one of the few companies in the world that are able to recover such files.

We can recover data stored in databases, servers, virtual machines, storages, RAID systems and others.

We have developed unique solutions that were created by our experts, they can be applied remotely. We have over 23 years of experience in data recovery, we have the expertise to act in the most complex scenarios of data loss.

We create emergency recovery mode so that files can be restored as quickly as possible, in which mode our labs operate with 24×7 availability.

Contact us and start the recovery right now.

Digital Recovery helps businesses recover data

Check out other posts

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Ransomware AtomSilo

AtomSilo Ransomware

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.