MedusaLocker Ransomware

The MedusaLocker ransomware targets its attacks on small and medium-sized businesses. The group was first spotted in September 2019, being noticed by MalwareHunterTeam.

The ransomware invades the system from macros, malicious ads and torrent sites. After execution, Medusa begins to encrypt files by adding extensions making it impossible to access the information.

It is advisable that in cases of invasion, the machine’s internet should be deactivated, avoiding contamination of other systems connected to the same network.

The group uses a strategy to attract trust by offering to decrypt a file of the victim’s choice up to 10Mb. MedusaLocker uses AES 256 + RSA-2048 encryption, an algorithm that prevents any free ransomware tool from being successful and could cause permanent data loss if used.

To make the negotiation a link is added with the ransom note, allowing the victim to contact the group and make the payment in Bitcoin. However, there is no guarantee of obtaining the decryption key. Therefore, the best way is to turn to companies specializing in the problem, and Digital Recovery has the right profile to recover files encrypted by ransomware.

Recover files encrypted by ransomware MedusaLocker

We have been operating for over 23 years in the data recovery market. Due to the great demand caused by cyber attacks, we specialise in developing solutions capable of recovering files encrypted by ransomware quickly and efficiently. In addition to ransomware, we recover files on Virtual Machines, Databases, RAID Systems, Servers, among others.

We use methods that can adapt to each case, we use the General Data Protection Regulation (GDPR) as a basis to develop our solutions. To ensure total confidentiality for our clients, we have developed the confidentiality agreement (NDA) which guarantees that your files will not be disclosed.

If you are looking for solutions to recover data encrypted by ransomware, Digital Recovery is the right choice. Start your diagnosis now.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Ransomware AtomSilo

AtomSilo Ransomware

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.