icon-logo
  • Ransomware, Ransomware

HolyGhost Ransomware

Holy Ghost Ransomware is an organisation operating since June 2021, carrying out small-scale double extortion attacks. Its method consists of stealing information and threatening to expose it on its TOR domain.

According to researchers, the group chooses not to attack large institutions that require time and complex strategies. But they aim to conduct smaller operations in several countries, targeting the financial, educational and industrial sectors.

Holy Ghost encrypts the victim by adding the extension “.h0lyenc” to each infected file, blocking access to the information.

To obtain financial return on its operations, the group asks for amounts ranging from 1.2 to 5 bitcoins in order to decrypt the victim’s data. It is worth noting that dealing with the group is extremely dangerous and can result in further losses.

During investigations, it was detected that Holy Ghost is North Korean, with no support from the local government, focused only on the income of the hackers involved in the project.

One feature that caught the attention of investigators is that the tools used by the group were created by another ransomware extension known as PLUTONIUM. This could indicate a possible link between the groups.

It is common for ransomware groups to use different names in their attacks, Holy Ghost is just one of several names of the organization, it is also known as SiennaPurple, H0lyGh0st and DEV-0530.

Recover files encrypted by HolyGhost ransomware

Digital Recovery is able to recover files encrypted by ransomware without negotiating with hackers.

We have been working in the data recovery market for over 23 years, developing unique and innovative technologies that are prominent in the market.

We recognise the damage that file loss can cause to victims, so our team of engineers are ready to tackle each occurrence with agility and efficiency. For most services, we offer a remote solution to prevent further damage.

Know that with Digital Recovery all information is legally regularized according to the General Data Protection Regulation (GDPR). And we have also drawn up our own confidentiality agreement (NDA) that will result in confidentiality of information without risk of exposure.

We have already helped our clients not to lose millions of dollars by paying the ransom. For extreme cases, it is possible to trigger the emergency mode, where our experts will provide exclusive 24×7 service.

Talk to one of our specialists now and receive a real-time diagnosis.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps businesses recover data

TALK TO A SPECIALIST

Check out other posts

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionised digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Successful cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
Digital Forensik
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Select your country