Hello

I need help with decrypt my data

This is too hiigh a price. Give me proof that the price is adequate for the data you have.

I am a spokesperson for the company and I will sell the information to my customer. Because this is not secure communication, I do not want to state the name of the company and I assume that we will delete this chat after the meeting.

I am authorized to communicate with you on behalf of the company and to establish conditions that will be acceptable to both parties.

First of all, I would be happy if we set a price that is negotiable. Next, it would be good to submit information about the data you have in your possession so that we can consider paying the ransom and start negotiating the price.

I can't prove it. We're gonna have to trust each other.

If you want to pay, then this is the only way to come to an agreement. So that emotions are not used in the negotiations, I am here as an intermediary. My client doesn't want to negotiate, even though it seems to be the only option. Although they have backups, but the restoration will take some time, so I would like to negotiate an adequate price.

We are a protected society and I cannot afford to openly write who it is. I only know the owner of the company who owns several companies.

If you do not want to cooperate, then I will pass this information on to the customer and the media to make it obvious that BlackMatter are a group of crooks.

Give an example.I only know the owners of the companies.

They found this file in their system and that's why I came to your page C:\[redacted].README.txt

Actually I don't have much time to deal with authorization. I want to help the customer and negotiate the terms of cooperation. Just because anyone can watch this chat, I don't want to share any information and prove that I am who I am. Do you want to negotiate the price?

The environment is isolated and analyzed by the forensics team and the police. I can't interfere with the investigation, and all the documentation has been encrypted, as the customer told me.

I certainly don't feel like fucking with you. I want to talk and get this thing resolved as soon as possible.

Yes, let's talk about price and what you get for our data. Then we can discuss the price of the decryptor.

What is VT?

Oh, I see. So how do we do it?

1) [redacted]

2) administrator

[redacted]

Are we really not? This bill was sent to me by their owner. I'm gonna look like a fool if we don't agree on a price.

Are we really not? This account was sent by their owner. If we don't make a deal, I'm gonna look like an idiot.

I don't speak English, so I translate automatically.

The price is not adequate. Give me a price I can pass on to the owner of the company.

Our idea was $500,000, but we can negotiate a price of $1,000,000. Give us proof that there is information sensitive enough to be of such value.

We have offline backups. Ok show me the office document and a screenshot of the database.

Do you also have the passwords of the domain users? Give me a screenshot.

We have a backup created by other software and transferred to a SAN to a backup data center. Restoration will take a long time, but it is possible. What databases do you have?

Data in databases should be encrypted. Just because you have database servers doesn't mean anything.

According to IT, it should be. Let's make a deal like this. If the data in the database is encrypted, we'll pay you $100,000 to decrypt it for us. If the data in the databases is not encrypted, then we'll pay you $700,000. $700,000 is the price we have to invest in recovery, and if the recovery with the decryptor is faster, then we'll save money on service outages.

Okay, then the price is $1,000,000 if the data is readable.

The data you hold is worse for us than having to recover it. The data you hold is worth no more than $1,000,000, which is why we are offering this price. We can restore the data from offline backups (we have tested this). A higher price than $1,000,000 is not acceptable to us. If you don't accept this price, then I need to check with the owner of the company what we will do next and if we can offer more money.

We evaluate it subjectively. We have already written to people about PII, so the reputational impact has already occurred. We're gonna put new passwords in Active Directory. Office documents aren't that valuable to us. The only thing of value is the databases.

15 is meaningless. I thought 15 was just a number, but not the actual ransom.

I understand, but for us only the know-how and customer information in the databases is worth anything.

I can see it now. Then name a price that makes sense for both sides.

I need to check with the management and the owners. What competitor do you think?

I guess they don't have backup.

We are restoring. I'm gonna go talk to the management.