icon-logo
  • Ransomware

Agenda Ransomware

A new ransomware makes its appearance in the cyber world, the Agenda ransomware. Researchers have detected worrying moves on the part of this new group. In a short period of time, they have already orchestrated several attacks targeting organizations in Asia and Africa.

The Agenda ransomware was developed in the Go programming language. A language widely used by hackers to develop malware.

The name Agenda comes from a post by a Dark Web user named ”Qilin” who is likely part of the ransomware distributors.

The group behind the Agenda ransomware executes well-targeted attacks on studied victim companies. In each invasion, the mode of operation is very customized. That way, the Agenda ransomware is able to deeply damage company systems.

The ransomware can reboot systems into Windows safe mode and disrupt running server processes and services.

In an investigation into the group’s previous attack, researchers found that the group behind the Agenda ransomware used a Citrix server as an entry point into the victim’s environment.

Using leaked identities, the threat actors gained access to Active Directory via RDP and then scanned the network using the Nmap.exe and Nping.exe scanning tools.

With these strategies, the Agenda ransomware infected data from healthcare and education organisations in Indonesia, Thailand, Saudi Arabia and South Africa.

Its ransom demands are relatively high and can range from $50,000 to $800,000.

Of course, an attack of this magnitude can turn many businesses or organisations upside down. And at such times it is crucial to have competent professionals who can turn the situation around.

Recovering files encrypted by Agenda ransomware

Digital Recovery has been in the data recovery market for over 23 years. In that time we have managed to build a solid team of experts who act to recover data encrypted by ransomware.

We have developed unique solutions to recover encrypted files on almost all types of storage devices, such as servers, databases, virtual machines, RAID systems and others.

All these solutions can be executed remotely and deployed quickly and securely in any company or organisation worldwide.

We rely on confidentiality in our services because we understand the importance of guaranteed anonymity for our own customers. To achieve this we base our solutions on the General Data Protection Regulation (GDPR) as well as providing a confidentiality agreement (NDA).

We can start the recovery process immediately, just contact us and request an advanced diagnosis.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps businesses recover data

TALK TO A SPECIALIST

Check out other posts

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionised digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Successful cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
Digital Forensik
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Select your country