The Makop ransomware has grown through its affiliate programme, RaaS (Ransomware as a Service), a tactic that aims to find partners to carry out attacks by taking only a commission on the value of the ransomware. This tactic aims to expand the attacks by bringing fame to the group.
The main target of this group has been South Korean companies, not that they ignore companies in Europe and America, but they focus on Korea. The group’s main targets are companies in the manufacturing, education, media, technology, construction, pharmaceutical, legal, engineering and defence sectors.
The group uses spam email campaigns, these emails contain employment forms and materials related to copyright infringement, the ransomware is hidden in these files, which once installed disables all programmes that could stop it and starts the encryption process.
At the end of the process a desktop file with a name “readme-warning.txt” is left, this document contains the group’s demands and what ways the victim can contact them.
To demonstrate that the group has the decryption key, they decrypt two files for free, but with some conditions such as not containing valuable information to the company and also no larger than 1 MB.
The recovery of files encrypted by ransomware is a relatively new field. Only companies that are able to develop technologies can perform this recovery. A few years ago, this recovery was impossible, but today, digital recovery companies can recover this kind of data.
However, this kind of recovery is extremely delicate, as the slightest mistake can further compromise the files, so it is important that an expert performs the entire process.
Digital Recovery’s specialists are at your disposal, with all the tools and training that are necessary for successful recovery.
We can recover encrypted files from any data storage device, whether it’s a hard drive, SSD, database, storage (NAS, DAS, SAN), RAID or virtual machines.
All our processes are supported by the General Data Protection Regulation (GDPR) and we also provide a non-disclosure agreement (NDA).
Contact our experts and see what we can do for you.
Learn more about data recovery and technology innovations.