icon-logo
  • Ransomware

Ransomware Sekhmet

Sekhmet ransomware has been increasing the number of its attacks around the world, the group has similarities to the ransomware controlled by the Maze barracks. But even though there are similarities, it is not part of the barracks.

Sekhmet like the vast majority of ransomware groups uses RaaS (Ransomware a as Service) tactics and double extortion.

These two tactics are extremely dangerous and aggressive, RaaS exponentially increases the capacity of attack numbers and scope of these attacks. The double extortion tactic, on the other hand, relies on blocking the company’s system by encryption and extracting sensitive files for the company to use for blackmail.

The Sekhmet ransomware maintains a site for leaking files on the Dark Web, it is worth remembering that companies are fined if their customers’ sensitive data is leaked.

The main tactic implemented by Sekhmet to break into systems are spam email campaigns, these emails carry files that contain ransomware that when downloaded evades the defences of the system and closes them, and also closes any program that could prevent the complete encryption of the files.

After encryption the system is locked and a document named “RECOVER-FILES.txt” is left behind. This document leaves instructions on how the victim can proceed to recover their files.

The group provides decryption of at least three files to demonstrate that they have the real decryption key, and they say that after the ransom is paid they will send a report to the victim demonstrating how the break-in was done.

Recover Files Encrypted by Sekhmet Ransomware

The only thing to do after having your files encrypted by ransomware, is to take counter measures that will lessen the financial damage to the company. And, there is no guarantee that in fact the group will release the decryption key after payment.

In this scenario, the best option to do is to recover the encrypted data with a specialized company, which will not require a decryption key.

Few companies are able to do this recovery, among these companies is Digital Recovery. With over 20 years of experience we have the necessary expertise to make the recovery with total security.

All our processes are backed by the General Data Protection Regulation (GDPR) and the confidentiality agreement (NDA).

We can recover virtually any storage device, whether HDDs, SSDs, Databases, RAID systems, Storages (NAS, DAS, SAN), Virtual Machines and others.

Count on Digital Recovery to recover your encrypted files.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps businesses recover data

TALK TO A SPECIALIST

Check out other posts

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionised digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Successful cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
Digital Forensik
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Select your country