Share on facebookFacebook
Share on twitterTwitter
Defray 777 ransomware is perhaps the most destructive ransomware family in recent years. This ransomware family includes extensions such as Ransom X and Ransom XXX. This group has been active since 2017, with constant attacks and a remarkable evolution in its ransomware.
This ransomware was the first recorded ransomware to be able to become hybrid, being able to attack both Windows and Linux operating systems.
The main means of attack of Defray 777 ransomware is the email phishing campaign, the ransomware is attached in the email in microsoft word documents, which once downloaded, immediately installs the ransomware on the system, the ransomware’s first measure is to disable commands that could be a risk to it.
The ransomware hides itself in the memory and starts the encryption process, only after the encryption of all files the ransomware locks the computer presenting the ransom message to the victim.
The attacks are mainly directed at companies operating in the health area, but are not restricted to them only. Recently, it attacked Lojas Renner, which paralysed the company’s entire E-commerce operation.
Rumour has it that the ransom demanded by the group was around 1 billion reais, but it is not known for sure what the outcome of the attack was.
Perhaps this is the group that has updated the most over time, they are as active as they were in their first attacks.
Recovering ransomware is one of the biggest challenges for companies operating in this market, the technologies for this type of recovery were, until 2 years ago, non-existent, if there was not an updated backup of the files the payment was almost certain. The groups that develop ransomware took advantage of this to leverage their attacks and, even today, they still use this advantage.
But, there is a difference, today there are companies that can recover files encrypted by ransomware, and among them, is Digital Recovery, which has managed to develop technologies capable of recovering files encrypted by any ransomware extension, including Defray 777.
This recovery is possible thanks to Tracer which locates, repairs, rebuilds and recovers the encrypted files. This is done without the need for the decryption key.
All our processes are compliant with LGPD (General Data Protection Law) and we also offer our clients the confidentiality agreement (NDA).
During the whole process the client will be in contact with one of our specialists, who will clarify any questions about the process. Once the files have been recovered, the client checks that all files have been recovered with the assistance of our specialist, validating all recovered files.
We can recover HDDs, SSDs, databases, servers, RAID storage and others. This recovery can be done remotely in many cases.
Count on Digital Recovery to recover your files encrypted by ransomware.