icon-logo
  • Ransomware

FiveHands Ransomware

FiveHands ransomware, also known as Hello Kitty ransomware, was discovered by CISA (Cybersecurity and Infrastructure Security Agency), the US cybersecurity agency, and has been under attack since May 2020. The group uses the double extortion method, which in addition to blocking the files also threatens to leak them, this tactic is used to pressure the victim to pay the ransom as soon as possible.

In some cases, if the victim does not pay or does not respond quickly, they threaten a break-in to the company’s public website. The ransom payment is made in cryptocurrencies, the ransom amount varies depending on the size of the company attacked.

The initial access of FiveHands ransomware is different from other ransomware, which attack victims through email campaigns, FiveHands uses VPN devices, this access allows them to generate a VPN profile and enter the victim’s destination network using the hostname and then deploy the ransomware thus initiating encryption.

The group became famous for attacking video game studio CD Projekt Red (producer of The Witcher and Cyberpunk 2077 games) in February this year. After the attack the group confirmed on the dark web that the information that was stolen from the studio had been sold to a third party, but this was never actually confirmed.

The attacks are usually aimed at Linux servers using virtual machines. After the invasion the ransomware encrypts the victim’s data, and together with pCloud synchronizes the files in the cloud, so that even if the victim turns off the computer or the internet the group can extract the files to perform double extortion.

Recover Data Encrypted by FiveHands Ransomware

Authorities do not recommend paying the ransom, as these payments fund the criminal group with resources for new attacks.

Digital Recovery has developed solutions capable of recovering files encrypted by ransomware. We can recover HD, SSD, Storage, RAID, Virtual Machines, Databases and others.

Working 24×7 in emergency mode. All our processes are backed by the confidentiality agreement (NDA) and in accordance with General Data Protection Regulation (GDPR).

Even if you have received a negative diagnosis or lead times do not meet your expectations, we accept the challenge of analysing your case, with online follow-up and real-time feedback throughout the process. Contact us and see what we can do for your company.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps businesses recover data

TALK TO A SPECIALIST

Check out other posts

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionised digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Successful cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
Digital Forensik
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Select your country