Fargo3 Ransomware

Fargo ransomware is malware that encrypts a victim’s data, leaving it absolutely inaccessible.

Fargo belongs to the TargetCompany group, which started its activities around June 2021 with a ransomware called Mallox. This ransomware targeted organisations in Asia and refused to encrypt files from machines in Russia, Kazakhstan, Ukraine and Qatar.

In February 2022, Avast released a decrypter for the Mallox ransomware, leading to a shutdown of its activities.

However, in the month of September 2022, the TargetCompany group returns with a new variant of its malware, called Fargo ransomware.

Fargo ransomware deletes registry keys and damages any kind of recovery service on the infected machine. Before encryption, the ransomware stops some SQL-related processes and proceeds to encrypt taking into account some file types that should not be encrypted.

This new variant is more robust and more complex in recovery. Fargo uses a hybrid encryption process with ChaCha20, AES-128 and Curve25519 algorithms.

Shortly after encryption, the ransomware adds a “.fargo3” extension to the original name of infected files. Files with the extension then become inaccessible to the user.

A ransom note in a text file is then generated in the environment. In this file called “RECOVERY FILES.txt” the victim will find the step-by-step instructions to contact the attackers and pay the ransom.

A Fargo ransomware attack can certainly be damaging for any unprepared company. Fortunately, there is still a solution even after the attack.

Recover files encrypted by Fargo3 ransomware

Digital Recovery has over 23 years of experience in the recovery market, and we have learned how to recover files encrypted by ransomware without the use of a decryption key as promised by cybercriminals.

We have performed multiple recoveries from a wide range of extensions, many of which can be exploited entirely remotely.

We know that encryption can cause considerable damage to industrial and commercial activities in certain circumstances. If this is the case, we can operate in emergency mode to provide the fastest possible response. This includes staff working around the clock to restore your service.

We are also responsible for restoring your business to compliance with the General Data Protection Regulation (GDPR). We also provide a non-disclosure agreement (NDA) to ensure complete project confidentiality.

So don’t waste any time! Talk to our experts and get your data back now.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Ransomware AtomSilo

AtomSilo Ransomware

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.