icon-logo
  • Ransomware

Alpha Ransomware

Alpha Ransomware first appeared in July 2016, since then it has been active. The group performs attacks and invades systems with a similar method to other ransomware, but has something different, after invading the system the first thing done is to create an automatic execution called Microsoft, and with this execution even if the victim turns off or restarts the computer the encryption process will continue.

That’s because after the computer starts up, that execution is automatically started and returns the encryption.

After encrypting the data, an extension is added to the files (.encrypt). Encryption is done on only 249 specific file types in the Desktop, My Pictures and Cookies folders. However, on other shared drives and folders, it encrypts all files.

The group has a very peculiar method of payment, initially by mid 2016, the collection amount was $400 in iTunes gift vouchers, nowadays their attacks are paid in both bitcoins and Amazon vouchers.

Currently the ransom fee is around 1.5 bitcoin, but that amount varies depending on the size of the company.

The reason criminals use bitcoin and vouchers is to maintain anonymity, as these currencies are almost impossible to trace.

The ransomware leaves a file named “README HOW TO DECRYPT YOUR FILES” which gives the instructions on how to pay.

Criminals allow victims to decrypt a selected file completely free of charge to increase the chances that the victim will pay the ransom.

Recover Files Encrypted by Alpha Ransomware

Digital Recovery is able to recover data encrypted by Alpha Ransomware. We have a unique technology called Tracer, which through millions of calculations can recover the encrypted files without the decryption key.

We have a fully dedicated team for the client, who will be accompanied by an expert during the entire process.

We are used to recover any ransomware extension. We recover HD, SSD, Storage, RAID, Virtual Machines and even Databases.

And our process is 100% reliable, signed the confidentiality agreement (NDA) and made based on General Data Protection Regulation (GDPR).

Working 24×7 in emergency mode, so that the client has their data recovered and can return to work, and also so that there is no delay in their projects.

If you have suffered a ransomware attack, and your data is encrypted, contact Digital Recovery and get a quote.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps businesses recover data

TALK TO A SPECIALIST

Check out other posts

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionised digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Successful cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
Digital Forensik
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Select your country