Ragnar Locker Ransomware acts in a different way to other ransomware, because in addition to it invading the system and encrypting the data, it also shuts down installed programs that could cause some risk to it (such as software updaters and anti-malware) and that can somehow fight the ransomware attack and stop its invasion of the system.
This Ransomware emerged in late 2019, and like many other known ransomware variants, (such as BlackMatter, LockBit 2.0 and REvil) Ragnar Locker uses a double extortion technique, to “force” victims to pay, where data is encrypted locally and filtered before the ransom demand is made. And if the victim refuses to pay, their data is published on a website located on the dark web.
Ragnar Locker also features the “wall of shame” where they post a list of victims recently attacked by them.
Ragnar Locker ransomware only attacks on Windows operating systems, and these attacks are completely unobtrusive because the malware is only 55 kb in size.
The first thing they do after the invasion is language scanning on the user’s system. For Ransomware avoids some countries and focuses on Europe, the United States and Latin America.
Ragnar Locker also attributes attacks on some big companies, such as EDP (Portugal’s energy provider) and Capcom (game developer), these attacks were million-dollar attacks, one example, the group demanded EDP 10 million dollars so that they can unlock and not leak the company’s data (which was valued at 10 TB of data).
Digital Recovery specialises in Ransomware recovery, performing 24×7 work in emergency mode. Our specialists are fully dedicated to the customer, from the first contact until the delivery of the data.
We have our own tool called Tracer, which through millions of calculations they recover the files (without the decryption key), this tool not only assists in the recovery but speeds up the recovery process, which is faster and more effective, to the customer’s satisfaction.
Our processes are in accordance with the General Data Protection Regulation (GDPR) and we also provide the NDA (Confidentiality Agreement).
And this is the safest alternative of all, encrypted data recovery.
If you’ve been a victim of Ragnar Locker ransomware contact our experts and start the recovery process now.