Ransomware negotiation(s) with
akira
Hello. You've reached Akira support chat. Currently, we are preparing the list of data we took from your network. For now you have to know that dealing with us is the best possible way to settle this quick and cheap. Keep in touch and be patient with us. Do you have a permission to conduct a negotiation on behalf of your organization? Once we get a response you will be provided with all the details.
These files were taken from your network prior to encryption. You can pick 2-3 random files from the list and we will upload them to this chat as a proof of possession. To prove that we can properly decrypt your data you can upload 2-3 encrypted files to our chat and we will upload decrypted copies back.
Passing to my tech dept. Please wait.
So, we've gone through your files to define your financial abilities. We've been looking through your bank statements, net income, cyber liability limits, financial audits - all the info that might help us calculate our demand to you. We're willing to set a $350,000 price for ALL the services we offer: 1) full decryption assistance;
2) evidence of data removal;
3) security report on vulnerabilities we found;
4) guarantees not to publish or sell your data;
5) guarantees not to attack you in the future. Let me know whether you're interested in a whole deal or in parts. This will affect the final price.
We are interesed in parts. Can you detail the price on every service ?
1) full decryption assistance - $250,000;
2) evidence of data removal - $150,000;
3) security report on vulnerabilities we found - $25,000;
4) guarantees are included to each of the above options.
The amount requested by you is exaggerated. The amount requested by you is half of the company's profit for the whole year. If we refer to the encrypted data, it can be recovered by manually restoring the databases, something that certainly costs less than $250,000 - the cost of total decryption. We are still willing to negotiate, but with a much smaller amount. The maximum we can offer is $50,000, but we cannot pay the amount in full, but in installments, because we cannot legally remove this amount from the accounting. Our proposal is to divide this amount into 10 packages, and you decrypt packages of files for us. We pay in advance for each package.
We will never accept your terms, so we can end this right now. You can go back and forth but we will never be lower than 230k for the full package. The first option is $140,000 and it is the bottom line. We accept payments in full, so you can transfer funds to your broker in parts.
what is the bank account ?
We accept payments in bitcoins. Once we agree on the price, I'll provide you our wallet ID.
The board has agreed to a 100.000 euro payment
This is for full decryption
We can do it in one payment
ok. We are ready to close the deal at $120,000. I am pretty sure you can add a bit to your current offer and make a transaction that will satisfy both parties. Here is our BTC wallet [redacted] Please let me know how soon can we expect the transfer.
Hello. Are you going to finish the deal with us?
Hello! We are processing the request with the Financial Department and Legal
We have made a test transaction. The board is reluctant to this type of payment. Now we wait for confirmation of the payment.
0.00430313 received. You can proceed with the full amount.
Economic department issues
How soon can w eexpect the rest?
I am waiting for an update from you today.
It seems the board is doesn't trust to pay the money
Can you please explain? Are we going to have a deal? You've already sent us the test payment.
The board came to the conclusion that we have no warranty that we will get our data back. The risk of not getting anything vs. the amount that we have to pay.
We've proven that we can decrypt the files and after payment we can give you back the files we took from your network. Our initial demand has been decreased significantly and now you are saying that there is a risk. Did I understand you right that this is your final decision and there will be no deal with you?
I'm sorry. It is not my decision
OK Thanks for the information. We will announce this incident on our blog and your data will be uploaded there as well.
This information is provided by Valéry Marchive
