Share on facebookFacebook
Share on twitterTwitter
The MedusaLocker ransomware targets its attacks on small and medium-sized businesses. The group was first spotted in September 2019, being noticed by MalwareHunterTeam.
The ransomware invades the system from macros, malicious ads and torrent sites. After execution, Medusa begins to encrypt files by adding extensions making it impossible to access the information. The group uses numerous extensions such as:
It is advisable that in cases of invasion, the machine’s internet should be deactivated, avoiding contamination of other systems connected to the same network.
The group uses a strategy to attract trust by offering to decrypt a file of the victim’s choice up to 10Mb. MedusaLocker uses AES 256 + RSA-2048 encryption, an algorithm that prevents any free ransomware tool from being successful and could cause permanent data loss if used.
To make the negotiation a link is added with the ransom note, allowing the victim to contact the group and make the payment in Bitcoin. However, there is no guarantee of obtaining the decryption key.
Therefore, the best way is to turn to companies specializing in the problem, and Digital Recovery has the right profile to recover files encrypted by ransomware.
We have been operating for over 23 years in the data recovery market. Due to the great demand caused by cyber attacks, we specialise in developing solutions capable of recovering files encrypted by ransomware quickly and efficiently. In addition to ransomware, we recover files on Virtual Machines, Databases, RAID Systems, Servers, among others.
We use methods that can adapt to each case, we use the General Data Protection Regulation (GDPR) as a basis to develop our solutions. To ensure total confidentiality for our clients, we have developed the confidentiality agreement (NDA) which guarantees that your files will not be disclosed.
If you are looking for solutions to recover data encrypted by ransomware, Digital Recovery is the right choice. Start your diagnosis now.