Share on facebookFacebook
Share on twitterTwitter
The ZEON ransomware is the newest group on the global ransomware scene, the group has made numerous attacks on businesses.
ZEON uses AES and RSA encryption, which are extremely effective, the .zeon extension is added to the affected files, for example, the file image1.jpg will become image1.jpg.zeon.
Files with this extension can only be opened with the decryption key that is kept on a remote server controlled by the criminals.
Ransomware, in general, works the same way, the malware invades the victim’s system through spam email campaigns, links on malicious websites, unofficial programs, brute force attacks and sometimes by accessing the unprotected RDP port.
After the invasion the ransomware has the ability to hide for some time in the operating system disabling antivirus and any other program that could prevent or stop the encryption process.
After the end of the encryption process the system is locked and a ransom note that is left on the desktop, the note is written in a threatening tone for the victim to pay the ransom as soon as possible.
Payment is not indicated as the group gives no guarantee that the decryption key will actually be released after payment, the criminals do not have any kind of bond with the victim.
The ransom must be paid through cryptocurrencies that are virtually untraceable, all communication with the criminals is done through the .TOR browser.
Even though the group says that it is impossible to recover the data without the decryption key, this is not true, Digital Recovery is able to recover the encrypted files without it.
Digital Recovery has been in the data recovery market for over 23 years and specialises in the recovery of files encrypted by ransomware.
We can recover encrypted files on any storage device, be it Databases, Storages, RAID Systems, Servers, Virtual Machines and others.
We have developed unique processes and technologies, this puts us ahead of other data recovery companies, we accept the challenge of analysing any case of ransomware attack.
Our solutions are available to companies worldwide, we can offer this because we have the ability to recover data remotely.
Get in touch and start advanced diagnostics now and recover your files.