Trusted by Content-Critical Businesses
RansomHunter is an American division of Digital Recovery Group, focused on decrypting ransomware files.
“Second time I count on the agility and professionalism of the Digital Recovery team, they are very experienced and responsive. I recommend them to everyone”.
“The quality of the service is excellent. The attention given to service is rewarding and the feedbacks that are given put our minds at ease knowing that we can trust the work and dedication.”
RansomHunter develops unique solutions to decrypt ransomware files, which can be applied to companies of all sizes. We can perform recovery from anywhere in the world via remote recovery. See how we helped an Italian company recover files encrypted by a ransomware attack. Cybercriminals often carry out mass attacks on many companies simultaneously. This gives them a higher probability of receiving the ransom amount. This was probably the scenario in the following case. The target of the hackers this time was a small accounting office in Italy. In the middle of a week, overnight the company’s employees saw their files get a new extension, .google.
One of the largest River Logistics companies in Latin America contacted us to recover data after an attack by Quantum Ransomware. There has been a wave of attacks by the Quantum group targeting several different companies. Small, medium and large companies have been targeted. In this case a large river logistics company in Argentina was the victim. The hackers most likely found a loophole in the system through emails sent to employees. Once the malware was inserted into the environment, the criminals managed to encrypt the data with the Quantum extension. They then stipulated a $100,000 figure for the ransom. Paying the amount requested by
Soon after a new wave of LockBit 2.0 ransomware attacks, many companies saw their business come to a standstill because of data locked up by encryption. Here is a case of decryption for one of them.
It is possible to recover data after a Lockbit 2.0 Ransomware attack. We did and this is how it happened. We received a contact from a company that said it had suffered an attack and was unable to continue its activities. When they arrived at their offices, right after the weekend, they realized that a good part of their data was inaccessible. This was the situation: More than 10 virtual machines, all hosted on Windows Server that no longer boot due to malware in the environment, which prevented the company from functioning. The hacker group Lockbit, having invaded the environment set a ransom demand of
We received a case of REvil Sodinokibi ransomware attack, at the time the group was among the largest and most effective ransomware in the world, the group’s attacks were always targeted at large corporations, and in this case it was no different.