Memento Ransomware

The Memento ransomware has used a very different tactic than other ransomware; unlike other groups that encrypt all files, Memento does not.

The group was unable to apply encryption to the files because the process was prevented by endpoint protection, a tool used by anti-ransomware software.

With that hindrance the group found another tactic, instead of encrypting all the files, the ransomware copies the files and transfers them to a private, password-protected folder, and the key to the folder is encrypted, and the original files are deleted.

Then, without the decryption key it will not be possible to access the folders, in addition to holding the files “hostage” the group also removes some files to apply double extortion.

If the victim does not pay the ransom, the decryption key will be permanently deleted and the files that were removed will be leaked on the Dark Web.

In addition to this difference in the way of acting with encryption, the installation of cryptocurrency miners on victims’ servers has been identified in some of the invasions made by Memento.

This shows that Memento ransomware has been developed as malware that can go far beyond encryption and file theft.

Faced with this extremely complicated scenario, the assistance of a company that is capable of recovering files encrypted by Memento ransomware is needed.

Recover Files Encrypted by Memento Ransomware

For over 20 years Digital Recovery has worked tirelessly to develop technologies capable of recovering data. All these years of experience have enabled us to develop Trace, a technology capable of recovering files encrypted by ransomware.

Our processes are customised to meet the real needs of each client, during the entire process the client is accompanied by one of our specialists.

We can recover data from virtually any storage device, such as HDDs, SSDs, Databases, Servers, Virtual Machines, Storages, RAID systems and others.

All processes are done in a totally secure environment, with our services, our customers saving over 100 million dollars with no ransom payments.

We are at your company’s disposal to recover all the files that have been lost or encrypted by the Memento ransomware.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Ransomware AtomSilo

AtomSilo Ransomware

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.