SunCrypt ransomware, also known as Ransom.SunCrypt, is one of the clear examples of how ransomware groups act after successful attacks on large companies.

After these attacks they shut down for a while and then a new ransomware comes out, which is just a derivation of the old ransomware, in other words, they just change the name and continue with the same tactics.

The SunCrypt ransomware appeared under the name QNAPCrypt, also known as eCh0raix, they were known at the time by the attacks directed at the Linux operating system and the search for NAS servers (Network Attached Storage), they were specialized in this.

After some time and several successful attacks, the group disappeared and appeared later under the name SunCrypt, and since then has remained with that name. But with a curious feature, the fact that they claimed to team up with Maze HQ, who control the Maze, Lockbit and Ragnar Locker ransomware.

Three malware that have acted frantically and have become big among ransomware groups. SunCrypt claimed that it joined the group as they were not keeping up with the demand.

Interestingly, sometime later the Maze cartel vehemently denied SunCrypt joining their cartel. There was no further comment from SunCrypt about it.

But the fact is that after the supposed merger with Maze, SunCrypt attacks increased rapidly. We may never know if in fact there was this union between them, but the truth is that the attacks continue. The group has focused on educational institutions and hospitals.

The group operates with the RaaS (Ransomware as a service) tactic that the outsourcing of attacks, it was seen on Dark Web forums the group looking for partners who want to do attacks with their ransomware.

Ultimately it can be seen that SunCrypt is seeking authority on the global ransomware scene. This is worrying because the way they consolidate themselves in the market is with successful attacks, this shows how committed the group is to increasing the numbers of their attacks.

Given this, it is important that you know a company that is able to recover files encrypted by SunCrypt ransomware.

Recover Files Encrypted by SunCrypt Ransomware

Digital Recovery is one of the few companies that are able to recover files encrypted by ransomware, this type of recovery requires technology that few companies have.

We were able to develop such a technology, we call it Tracer, it has obtained good results in cases of total and partial encryption of files.

We can recover data from practically any storage device, be it a HDD, SSD, Database, Server, Virtual Machine, Storages (NAS, DAS, SAN), RAID system or other.

All our processes are secure for data integrity and are compliant with General Data Protection Regulation (GDPR) and NDA (Non-Disclosure Agreement).

Count on Digital Recovery to recover your data that has been encrypted.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Melhores HDs

Best HD brands

When talking about the best hard drive brands, it’s important to consider various aspects such as reliability, performance, storage capacity and value for money. These


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery