Startup firm HyperBunker raises $920K seed funding for a new anti-ransomware device that goes beyond simple data backup.
HyperBunker, a European startup focused on ransomware and critical data storage and recovery, has raised €800,000 (about $925,000) seed funding to increase its production capacity for a new anti-ransomware device. The funding comes from Fil Rouge Capital and Sunfish Venture Capital.
The HyperBunker device was conceived within InfoLAB Data Recovery by its founder and CEO, Imran Nino Eskic. He had become frustrated by the number of requests to recover ransomware encrypted data – something beyond the ability of traditional data recovery from damaged disks.
His solution is to preserve the original data, and recover by restoration of that original clean data. The concept was developed over the last three years within InfoLAB, resulting in the HyperBunker device. Once confident with the solution in 2024 he co-founded the new firm, HyperBunker, where he is also CTO. His co-founder is Bostjan Kirm (CEO at HyperBunker).
The argument for HyperBunker is simple. No amount of software solutions to protect all firms from ransomware have succeeded. It is more realistic for firms to accept that sooner or later they will become a victim; so, the priority must include recovery after prevention has failed.
HyperBunker is not a simple backup device. Standard backups are not immune to ransomware attackers. Wherever there is a surface, it can be attacked. Wherever attackers can see software, they can target it. HyperBunker shows neither. It is a local (no attackable cloud presence), air gapped from the network, software-free, automatic (no ‘privileged’ admin or other human access), immutable data collection and storage device.
The only theoretical vulnerability is physical theft of the device – but even here, the thief would have no access to raw data. HyperBunker has a proprietary version of file security encryption (FSE), which can be enabled at set up as required – although, comments Kirm, “We advocate encryption at the source (on the user’s site) to maximize speed and reduce processing overhead within the vault.” That encryption also ensures that the stored data remains compatible with data security regulations.
Critical data is collected from the user network at regular pre-set intervals. No human interaction is required after setup, and there is no interruption to the customer’s workflow. HyperBunker performs a comprehensive backup of the entire hierarchical folder structures, preserving all subfolders and their contents. During recovery, the original structure is fully restored.
It is possible that something malicious could potentially be uploaded into HyperBunker at collection, but it can do no harm there (it cannot execute). Critical data recovery from HyperBunker would only be required if critical data is lost from the system, potentially through ransomware. Once that damage is done, forensics can rapidly detect the cause. HyperBunker’s stored data can be downloaded to a sandbox and the malicious code removed and clean, safe critical data returned to the system.
The ransomware threat continues to grow. The UK’s official Cyber security breaches survey 2025, reports that an estimated 19,000 UK businesses experienced a ransomware attack in 2024. Optiv reported (July 2025), “2,314 ransomware victims were listed on 74 unique data leak sites in Q1, representing a 213% increase in the number of victims and 32% increase in the number of variants compared with 56 variants in Q1 2024.”
The only, and recommended, way to stop this ransomware scourge is stop it being profitable for the criminals; that is, don’t pay the ransom. However, there is a reluctance by firms to follow this advice. A ransomware-forced shut down is costly, even with cyberinsurance – and Sophos reported in June 2025, “Nearly 50% of companies paid the ransom to get their data back.”
Against this background of increasing threat, national governments are beginning to use legal means to give teeth to their ‘don’t pay’ advice. In the UK, for example, a ransom payment is already illegal if it makes funds available to a sanctioned entity. Technically, this could include any ransomware involving Russian hackers. Further, there are plans in the UK Cyber Security and Resilience Bill to ban ransom payments by public sector entities and CNI operators.
Ransomware is increasingly presenting business with a form of Morton’s Fork: pay up and risk breaking the law, or don’t pay and risk destroying your business. HyperBunker’s ethos is to break this fork by offering a third option: do neither: don’t pay the ransom courtesy of not losing your critical data.
Related: Ransomware Group Claims Attack on Beer Giant Asahi
Related: Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks
Related: Beer Giant Asahi Says Data Stolen in Ransomware Attack
Related: Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues
