Fargo3 Ransomware

Fargo ransomware is malware that encrypts a victim’s data, leaving it absolutely inaccessible.

Fargo belongs to the TargetCompany group, which started its activities around June 2021 with a ransomware called Mallox. This ransomware targeted organisations in Asia and refused to encrypt files from machines in Russia, Kazakhstan, Ukraine and Qatar.

In February 2022, Avast released a decrypter for the Mallox ransomware, leading to a shutdown of its activities.

However, in the month of September 2022, the TargetCompany group returns with a new variant of its malware, called Fargo ransomware.

Fargo ransomware deletes registry keys and damages any kind of recovery service on the infected machine. Before encryption, the ransomware stops some SQL-related processes and proceeds to encrypt taking into account some file types that should not be encrypted.

This new variant is more robust and more complex in recovery. Fargo uses a hybrid encryption process with ChaCha20, AES-128 and Curve25519 algorithms.

Shortly after encryption, the ransomware adds a “.fargo3” extension to the original name of infected files. Files with the extension then become inaccessible to the user.

A ransom note in a text file is then generated in the environment. In this file called “RECOVERY FILES.txt” the victim will find the step-by-step instructions to contact the attackers and pay the ransom.

A Fargo ransomware attack can certainly be damaging for any unprepared company. Fortunately, there is still a solution even after the attack.

Recover files encrypted by Fargo3 ransomware

Digital Recovery has over 23 years of experience in the recovery market, and we have learned how to recover files encrypted by ransomware without the use of a decryption key as promised by cybercriminals.

We have performed multiple recoveries from a wide range of extensions, many of which can be exploited entirely remotely.

We know that encryption can cause considerable damage to industrial and commercial activities in certain circumstances. If this is the case, we can operate in emergency mode to provide the fastest possible response. This includes staff working around the clock to restore your service.

We are also responsible for restoring your business to compliance with the General Data Protection Regulation (GDPR). We also provide a non-disclosure agreement (NDA) to ensure complete project confidentiality.

So don’t waste any time! Talk to our experts and get your data back now.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionised digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery