Ransomware Grief

The Grief Ransomware has emerged with a new look and the same modus operandi as the DoppelPaymer ransomware. Ransomware groups adopt this tactic of changing their name to try to evade the radar of authorities.

The old DoppelPaymer ransomware was active until May, some time after one of the largest attacks on an American company, the Darkside ransomware attack on the Colonial Pipeline company.

This attack led to diplomatic problems between the United States and Russia, the country in which the group was probably operating.

In the light of this great attention caused by the attack at Colonial Pipeline, the DoppelPaymer ransomware has ceased its activities, not with an official note, the group has simply stopped updating its Dark Web site, this is an indication that the group has ceased its activities.

And now it seems that the group has not completely stopped their activities, they just dressed up in a new outfit, adopted a new name and continued their attacks, now under the name Grief ransomware.

The group operates using RaaS (Ransomware as a service) tactics, which is an affiliate program for cybercriminals, they advertise their ransomware program on forums selling their services to people interested in doing the attacks.

This type of tactic is highly advantageous for the groups and makes virtually every company in the world a viable target for their attacks.

Recovering Files Encrypted by Ransomware Grief

The encryption of the Grief ransomware, like the vast majority of ransomware types, is virtually impossible to break without the decryption key.

Therefore, the group threatens the victim not to seek expert help, if the victim does, the decryption key is deleted and the files can never be decrypted, the stolen files will be leaked.

Still in this scenario Digital Recovery is able to recover the encrypted data, we have our own technology, called Tracer, which enables us to have good results in this type of recovery.

We have certainly helped our customers save millions by not paying the ransom.

During the whole process the client is accompanied by one of our specialists who will clarify any questions about the process.

Count on Digital Recovery’s exclusive approaches to recover encrypted data.

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionized digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery