DarkRadiation ransomware is focused on attacks against Linux systems, mostly based on Debian distributions.
DarkRadiation uses SSH access to move laterally inside the system and be able to deploy the ransomware. It is written in bash script, then they use an open source code called ‘node-bash-obsfucated’, made in Node.js, it messes up the code, making it impossible to read the data.
His first task is to find root/administrator accesses, then he removes it with a message in code.
After that, he creates a user automatically generated by the malware, then lists all the existing ones, and deletes all those not generated by himself. Thus, it blocks all your accesses, removing your users, preventing them from accessing your device.
After the encryption process is complete, all affected files are given the extension “.ReadMe”, and a file is left on the desktop containing the terms for paying the ransom.
Digital Recovery has been in the data recovery market for over two decades, all this time has given us the ability to perform in the most complex data loss scenarios.
We have developed unique technologies, which enable us to recover data encrypted by ransomware on any storage device, whether HDDs, SSDs, Databases, Servers, Storages, RAID systems, Virtual Machines and others.
Our solutions are exclusive and were developed by our specialists based on the General Data Protection Regulation (GDPR). Because we know that the confidentiality of information in these cases is essential, we have developed the confidentiality agreement (NDA).
We offer our customers the option to activate the recovery in emergency mode, in this mode our laboratories operate with a 24×7 availability. We can also recover data remotely, covering all parts of the world.
Contact our experts and start recovering your data now.