icon-logo
  • Ransomware

RansomEXX

RansomEXX is part of the group that has been most active recently, this group consists of Defray 777 and Ransom X ransomware. Together, they are responsible for hundreds of attacks worldwide.

RansomEXX was developed to attack Windows operating systems, but over time it has been updated and can also attack Linux operating systems, although Linux encryption is not as effective as Windows.

After the invasion, the ransomware disables all programs that could identify it or prevent the process of encrypting the files. The encrypted files are left with the .EXX extension.

After all the files are encrypted, the ransomware changes the desktop image with one made by the group containing instructions on how to pay the ransom and deliver the decryption key.

RansomEXX has made three major attacks in recent years against Texas TxDOT, Konica Minolta, and the Brazilian STJ (Superior Court of Justice). The group targets its attacks against state-owned enterprises and large private companies.

There are records of an attack made against Tyler Technologies, a software development company for the public sector in the United States, this attack crippled the company which was forced to pay the ransom to the cybercriminals.

Embraer, one of the largest aircraft manufacturers in the world, owes part of its files published on the group’s website.

All this shows how the group that controls ransomEXX has grown and has shown itself with one of the largest ransomware groups in the world. The attacks made show the power they possess.

Recover Files Encrypted by RansomEXX

Digital Recovery specializes in the recovery of files encrypted by ransomEXX. This is only possible because we have developed a technology capable of reconstructing the encrypted data. This recovery is done without the need for the decryption key.

With over 20 years of experience, we have acquired the necessary knowledge to recover any device that has been affected, which can be: Virtual Machines, RAID Systems, Databases, Warehouses and others.

We have the ability to recover files remotely, in a totally secure environment. This recovery can be done from anywhere in the world.

Throughout the process, the customer is accompanied by a specialist who can help with any questions about the processes adopted.

In addition to all our processes being compliant with the European General Data Protection Regulation (GDPR), we rely on the confidentiality agreement (NDA).

All recovered data is confidential and all information about the process will not be disclosed.

Count on Digital Recovery’s expertise to recover your encrypted files.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps companies recover data

TALK TO A SPECIALIST

Check out other posts

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionized digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Success Cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
DIGITAL FORENSIK
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Choose your country