Buybackdate Ransomware

Buybackdate ransomware is the name of the newest extension that was discovered by cybersecurity researchers through VirusTotal. According to experts, buybackdate belongs to the same ransomware family as ZEPPELIN.

Like other ransomware groups, buybackdate follows the pattern of attacks through contaminated email, pirated programs, and other techniques to break into the victim’s system and start the encryption process.

Once the malware finds a breach, all files begin to receive the extension “.bbd2.[id_victim]” and access to them is blocked until a decryption key is used or the encryption is broken.

On the victim’s desktop after infection, a ransom note called “ALL YOUR FILES ARE ENCRYPTED.txt” is left. In its content is possible to find an explanation of what happened to the victim and the processes to enter into negotiations with the hackers and possess the data back.

To prove that they really have a key to access the data again, a single file can be sent to have it recovered. After that, to gain access to the rest of the files, it is necessary to pay bitcoin to the hackers.

It is worth noting that negotiation with ransomware groups is never recommended due to the poor security this medium provides.

Unfortunately many give in to negotiation as threats of exposure on the dark web are made to every infected user. However know that there are safe and reliable methods of getting your data back.

Recover files encrypted by Buybackdate ransomware

Digital Recovery has been in the data recovery market for over 23 years and in recent years has specialised in the area of recovering data encrypted by ransomware.

Due to the increase in attacks in the area of ransomware, we have established an exclusive team for this type of service. The service is 100% remote and multi-lingual for communication with our agents.

For each case, we make sure to adapt the entire recovery to comply with the General Data Protection Regulation (GDPR). We also provide an NDA (Non-Disclosure Agreement) confidentiality agreement, as we know how important the confidentiality of each company and client’s information is.

So, contact us and start now your recovery in any data center, including: magnetic tape, virtual machine, storage, RAID and database.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Ransomware AtomSilo

AtomSilo Ransomware

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.