icon-logo
  • Ransomware

TellYouThePass Ransomware

The TellYouThePass ransomware is a Trojan written in the Java and .Net languages, but in more recent attacks the Go language has been used.

The common form of invasion used by the group is through email attachments, usually as Microsoft Word files.

After the file is downloaded, the ransomware is installed and preparations for encryption are initiated. All programs that could prevent encryption are disabled and after that, encryption is started.

After making the files inaccessible by encryption, the ‘.locked’ extension is added to the files. TellYouThePass targets large files such as: media, images, databases, PDFs, Word documents, and others.

Upon completion of encryption an HTML file called ‘README.html’ is created and opened in a web browser.

Inside the file a ransom note is left, in it the criminals explain that the victim’s files were encrypted in RSA-1024 and AES-256, and that the way to get the files back is by paying the ransom.

Which is not true, because, there are companies like Digital Recovery that are able to recover files encrypted by ransomware even without the decryption key.

In that ransom note the email address of the group is left for the victim to contact the group, this is another tactic used by criminals to pressure the victim to pay the ransom.

It is important to stress that there is no guarantee that the decryption key will be released after the payment of the ransom, the victim needs to trust only the word of the criminal. All government authorities completely discourage paying the ransom.

Recover Files Encrypted by TellYouThePass Ransomware

Digital Recovery specialises in the recovery of data encrypted by ransomware of any length and on any storage device, whether HDDs, SSDs, Databases, Virtual Machines, Storages, RAID systems and others.

All our processes are exclusive and have been developed by our experts. All of them are in accordance with the General Data Protection Regulation (GDPR).

We have technology to remotely recover data from anywhere in the world, in a totally controlled and safe environment.

All information about the projects is confidential, we provide the confidentiality agreement (NDA) to ensure this.

In cases of high urgency, we create the recovery in emergency mode, in which our labs work 24×7 so that the recovery is made in the fastest possible way.

Contact our experts and start the recovery process now.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps businesses recover data

TALK TO A SPECIALIST

Check out other posts

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionised digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Successful cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
Digital Forensik
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Select your country