The Makop ransomware has grown through its affiliate programme, RaaS (Ransomware as a Service), a tactic that aims to find partners to carry out attacks by taking only a commission on the value of the ransomware. This tactic aims to expand the attacks by bringing fame to the group.
The main target of this group has been South Korean companies, not that they ignore companies in Europe and America, but they focus on Korea. The group’s main targets are companies in the manufacturing, education, media, technology, construction, pharmaceutical, legal, engineering and defence sectors.
The group uses spam email campaigns, these emails contain employment forms and materials related to copyright infringement, the ransomware is hidden in these files, which once installed disables all programmes that could stop it and starts the encryption process.
At the end of the process a desktop file with a name “readme-warning.txt” is left, this document contains the group’s demands and what ways the victim can contact them.
To demonstrate that the group has the decryption key, they decrypt two files for free, but with some conditions such as not containing valuable information to the company and also no larger than 1 MB.
Recover Files Encrypted by Makop Ransomware
Ransomware decryption is a relatively new field, only companies that can develop technologies can do such recovery. A few years ago such recovery was impossible, however today, companies with Digital Recovery can recover the data.
However, this kind of recovery is extremely delicate, as the slightest mistake can further compromise the files, so it is important that an expert performs the entire process.
Digital Recovery’s specialists are at your disposal, with all the tools and training that are necessary for successful recovery.
Digital Recovery’s specialists are at your disposal, with all the tools and training that are necessary for successful recovery.
All our processes are supported by the General Data Protection Regulation (GDPR) and we also provide a non-disclosure agreement (NDA).
Contact our experts and see what we can do for you.