icon-logo
  • Ransomware

Ransomware Sugar

The Sugar ransomware differs from the larger ransomware gangs and focuses its attacks on individual computers of ordinary users and small businesses.

The group emerged in November 2021, it is not very clear why the group chose to do small attacks, but the fact that these computers are easier to hack and do not draw as much attention from authorities, may have been one of the motivations.

The group has applied the RaaS (Ransomware as a Service) tactic, which is the outsourcing of attacks by external agents. Attacks on individual computers is easier for people with little or no experience to carry out.

After Sugar invades the system it downloads some files and only after that the encryption is initiated, these files are tools that will assist the encryption process.

The extension .encoded01 will be added to all files affected by the ransomware, none of these files can be opened.

After the process is completed a file named “BackFiles_encoded01.txt” is added to all folders, it will receive the information for the victim to contact the group through the .TOR website.

The ransom amount is not fixed, but is made according to the amount of encrypted data, the group offers to decrypt 5 files for free to convince the victim that they have the decryption key.

In fact, the group has the decryption key, but there is no guarantee that the key will be released after paying the ransom, so do not trust the criminals.

There is solution to recover the files encrypted by ransomware, Digital Recovery has developed such solutions.

Recover Files Encrypted by Sugar Ransomware

Digital Recovery has focused its efforts on developing technologies capable of recovering files encrypted by ransomware of any length and on any storage device.

Our processes are unique and all of them have been developed based on the General Data Protection Regulation (GDPR).

We can recover HDDs, SSD, Database, Servers, Virtual Machines, Storages (NAS, DAS, SAN), RAID Systems and others.

We know how sensitive the information of companies that have been attacked by ransomware is, so we provide all our customers with the confidentiality agreement (NDA), all information about the case is totally confidential.

We can recover data anywhere in the world through remote recovery, so the duration of the process is drastically reduced.

Start advanced diagnostics now. Contact our experts.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps businesses recover data

TALK TO A SPECIALIST

Check out other posts

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionised digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Successful cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
Digital Forensik
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Select your country