icon-logo
  • Ransomware

Lorenz Ransomware

The Lorenz Ransomware has been growing, even though it has not been active for a long period of time, it has already managed to target twelve different organisations. This shows the power of the group. It is similar to ThunderCrypt, apparently Lorenz used its source code.

The Ransomware works internally on a local network, making it find the accesses of the Windows domain administrators.

After that, it selects the files, and moves them to another remote server, making it impossible for the administrators to access them, thus beginning the encryption of the files.

The ransom charged by the group costs an average of US $500,000 to US $700,000 and with each passing day, the threats to victims increase.

If the victim does not want to pay the ransom, the group releases the files bit by bit as well as offering access to the network that was attacked.

Lorenz uses AES encryption and the embedded key RSA. Each file will have the specific name ‘.Lorenz.sz40’, thus changing its original name and also its extension.

Each victim receives in their folders the file called ‘HELP_SECURITY_EVENT.html’, which exists within it the link to the website, with the ransom information, the amount that must be paid in Bitcoin, and offering a chat for negotiations with the hackers.

The group’s strategies to access computers are through software cracks, game patches, and illegal key activation programs, or even purposeful direct attacks.

Recover Files Encrypted by Lorenz Ransomware

After knowing how its attack and encryption works, we know that it is not so simple to solve the problem. Being that it encrypts the systems and the network attacked.

However knowing this, we also need to understand that only professionals specialized in recovering data encrypted by Ransomware, can solve the problem.

Lorenz Ransomware recovery is possible! Digital Recovery has the necessary experience to do so.

Our clients have saved millions of dollars from non-payment of ransomware by choosing our unique solutions. These solutions are compliant with the General Data Protection Regulation (GDPR) and the confidentiality agreement (NDA).

We can recover encrypted data on major storage devices such as: HDDs, SSD, Database, Servers, Virtual Machines, Storage, RAID systems and others.

We are at your disposal to recover your files encrypted by Lorenz Ransomware. Get in touch with our experts.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps businesses recover data

TALK TO A SPECIALIST

Check out other posts

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionised digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Successful cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
Digital Forensik
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Select your country