MBC Ransomware

The MBC Ransomware although little known is a group that practices large organised operations.

There are several malicious malware scattered across the internet, most of which infect random victims. However, MBC, like LockBit, does not carry out random attacks, but targets specific targets.

In July 2021 MBC was able to hack and block Iran’s railway system, the hack paralysed transport for an entire day. The means for recovery were not disclosed.

The following month, the group announced the launch of its website hosted on the TOR network for leaking companies encrypted by the ransomware. The announcement contained a countdown and a link directing to chat on Telegram.

After the ransomware runs, data is locked until the decryption key is released by the group. An extension developed by the hackers is added to the files, and from there, the extortion process begins.

So far, information about the encryption algorithm and ransom amounts are unknown.

Recover files encrypted by MBC ransomware

MBC is just one of several encryption extensions that exist, knowing this Digital Recovery specializes in the recovery of data encrypted by ransomware.

We have been working in the recovery market for over 23 years, facing the most diverse scenarios and problems of database, virtual machines, RAID systems and others.

In most cases, to avoid greater losses, we can perform the recovery in a 100% remote way, reducing the time of delivery of results.

For guarantee and better performance, we work fully in accordance with the General Data Protection Regulation (GDPR). In extreme cases, our specialists are ready to work 24×7 in emergency mode.

Perform a diagnosis now, and talk to one of our specialists.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Ransomware AtomSilo

AtomSilo Ransomware

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.