NYX Ransomware

Nyx ransomware is the newest variant recently discovered by cyber researchers. This new ransomware practices one of the most feared strategies for ransomware attack victims: double extortion.

This refers to the fact that they not only encrypt the data, but also steal it. In this way, they can exert greater pressure, threatening to release the stolen data if there is a delay in paying the ransom.

Unfortunately, this psychological pressure technique ends up working. For this reason, new ransomware variants decide to adopt the same strategy.

But to make the double extortion work, Nyx ransomware follows a well-defined methodology.

Once the environment is hacked, the attackers then launch the Nyx ransomware, which takes care of scouring the environment for files relevant to the encryption.

The Nyx ransomware then copies the selected files to a system belonging to those responsible for the attack. It is precisely this data which will be used as pressure for the double extortion.

Only then can the files be encrypted. Nyx ransomware adds the following structured extension to all encrypted files: [victim unique ID].[attacker contact email address].NYX

A ransom note called READ_ME.txt is then generated so that the victim can contact the attackers and pay the ransom.

For sure, being a victim of a situation like this is terrible and can become even more serious when you are not accompanied by professionals.

Recover files encrypted by NYX ransomware

Digital Recovery has professionals who specialize in the data recovery industry. Throughout our 23 years in the market, we had the honor of helping hundreds of companies victims of ransomware.

We have improved and developed solutions capable of recovering files encrypted in databases, virtual machines, servers, RAID systems and various other types of storage.

We understand how delicate this situation can be, that is why we count on a confidentiality agreement (NDA) for the total security of our clients’ data.

All our solutions were developed on top of the General Data Protection Regulation (GDPR). and can be applied 100% remotely.

Digital Recovery is positioned as the best alternative after a ransomware attack.

Our team of experts is available 24/7 to provide you with the best possible service. So contact us and get your data back.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Ransomware AtomSilo

AtomSilo Ransomware

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.