Boss Ransomware

Boss is a new ransomware extension discovered recently, but the group tends to grow rapidly due to its RaaS (Ransomware as a Service) strategy.

The RaaS tactic has become a widely used method by hackers because it allows them to market the ransomware to anyone. Resulting in the highest profit and propagation of criminal operations.

Boss brings a peculiar feature in its encryption extensions. It is common for victims to receive them with random characters or the name of the ransomware. However, besides “.Boss”, the victim’s IP and the ransom email are also left in the extension of the encrypted files.

This method has been used before by another group known as Makop. And by analysing the source code of both, it can be stated that Boss and Makop belong to the same ransomware family.

The same email appears in the ransom note left by the group on their desktop, along with an FAQ taking the guesswork out of what happened. To prove that they have access to the decryption key, a folder with simple files of up to 1 MB can be decrypted.

It is worth noting that for complete data recovery, the group only accepts payment in Bitcoin, even though this action is not recommended, because there is no real guarantee that the files will be decrypted.

Recover files encrypted by Boss ransomware

Ransomware attacks have gone from being an occasional occurrence to a constant danger to businesses. Aware of this, Digital Recovery specializes in the recovery of data encrypted by ransomware.

For more than two decades providing solutions for lost data, we have formed a team of specialists and engineers, capable of performing recovery in Virtual Machines, Databases, RAID Systems, Magnetic tapes and others.

To provide a better experience with our services, we have developed unique technologies that speed up the process and boost results. In most cases we can operate 100% remotely.

Digital Recovery understands the importance of data preservation, so we have developed a confidentiality agreement NDA. And we solve all cases within the General Data Protection Regulation (GDPR).

Talk to one of our agents and ask for a diagnosis right now.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Récupérer le Ransomware Makop

Makop Ransomware

The Makop ransomware has grown through its affiliate programme, RaaS (Ransomware as a Service), a tactic that aims to find partners to carry out attacks

Recover BlogXX Ransomware

Ransomware BlogXX

The BlogXX ransomware group recently emerged with the theft of patient data from Mediabank, an Australian health insurer, on October 12. According to authorities, the


Pozq ransomware

Pozq ransomware was recently discovered after a sample submission on VirusTotal. After some analysis, evidence was highlighted that Pozq may have a relationship with the


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.