icon-logo
  • Ransomware

RansomEXX

RansomEXX is part of the group that has been most active recently, this group is made up of the Defray 777 and Ransom X ransomware. Together they are responsible for hundreds of attacks around the world.

RansomEXX was developed to attack Windows operating systems, but over time has been updated and can also attack Linux operating systems, although Linux encryption is not as effective as Windows.

After the invasion, the ransomware disables all programs that could identify it or prevent the process of encryption of the files. The encrypted files are left with the extension .EXX.

After all the files are encrypted the ransomware changes the desktop image with one made by the group containing directions on how to pay the ransom and hand over the decryption key.

RansomEXX has made three major attacks in recent years against Texas TxDOT, Konica Minolta and the Brazilian STJ (Superior Court of Justice). The group targets its attacks on state-owned and large private companies.

There are records of an attack made against Tyler Technologies, a software development company for the public sector in the United States, this attack paralysed the company that was forced to pay the ransom to the cybercriminals.

Embraer, one of the largest aircraft manufacturers in the world, owes part of its files posted on the group’s website.

All of this shows how the group controlling ransomEXX has grown and has shown itself with one of the largest ransomware groups in the world. The attacks made show the power they possess.

Recover Files Encrypted by RansomEXX

Digital Recovery specializes in recovering files encrypted by ransomEXX. This is only possible because we have developed a technology capable of reconstructing the encrypted data. This recovery is done without the need for the decryption key.

With more than 20 years of experience we have acquired the necessary expertise to recover any device that has been affected, which can be: Virtual Machines, RAID Systems, Database, Storages and others.

We have the ability to recover files remotely in a totally safe environment. This recovery can be done from anywhere in the world.

Throughout the process the customer is accompanied by a specialist who can help with any questions about the processes adopted.

Besides all our processes being in accordance with the European General Data Protection Regulation (GDPR) we count on the confidentiality agreement (NDA).

All recovered data is confidential and all information about the process will not be disclosed.

Count on Digital Recovery’s experience to recover your encrypted files.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps businesses recover data

TALK TO A SPECIALIST

Check out other posts

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionised digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Successful cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
Digital Forensik
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Select your country