Negotiation Chat – Conti
Chat ID: 20210602
What do you want?
02/06/2021, 15:17:16
Hello?
02/06/2021, 15:19:29
readme.txt [ 1kB ]
02/06/2021, 15:22:24
Hello, please wait answer
02/06/2021, 16:39:33
ok
02/06/2021, 16:43:25
As you already know - your network and all of your data were encrypted by CONTI team. Besides the encryption process we've downloaded a large pack of your internal documents and files that will be published in case our negotiations fail. How it happens can be seen on our website.
The recovery price is $1700000 (45 BTC). If you want to make sure we can recover all of your data - you can send us the two files of your choice and we will decrypt them free of charge.
If we reach mutual agreement your will be provided with decryption tool, none of your internal data will be published and you will be provided with security tips on how to avoid further breaches.
We strongly recommend to review our offer in a timely manner to avoid additional expenses from your side on security software and on building the new network from scratch.
The example data pack will be provided soon, which will include part of the file tree list and some actual data you can review.
02/06/2021, 16:46:55
30perclisting.zip [ 223kB ]
02/06/2021, 19:42:25
You can choose any 2 files from the listing, we will discard them as proof that the files were really stolen
You can also send 2 files for a free decrypt
---
Upon conclusion of the agreement, our price includes
1) Universal decryptor for your network
2) Permanently delete all stolen information + logs of removing
3) Security advisories and report how we infiltrated your system
02/06/2021, 19:43:06
datapack.7z [ 47.2MB ]
02/06/2021, 19:52:47
Have you reviewed the documents and our offer?
03/06/2021, 20:29:32
If we will not receive the response today we shall start transmitting your data to 3-rd parties step by step notifying your clients and employees about the breach and on how you guard their data.
04/06/2021, 14:51:59
we have just pulled down the files for review.
04/06/2021, 15:23:33
i will let you know when we are done.
04/06/2021, 15:25:59
how do we know if you are able to recover our machines?
04/06/2021, 15:26:48
You can provide two random low-value encrypted files and we will decrypt them as a proof and upload back
04/06/2021, 15:27:25
It took you two days to download files from review? We are not that patient and you should be more operative otherwise we will consider you stalling
04/06/2021, 15:28:02
will provide the files. No, it did not take us 2 days to download the files and review. we only logged back on this morning and saw that you sent them.
04/06/2021, 15:51:55
[redacted] Office.doc.[redacted] [ 533kB ]
04/06/2021, 15:52:40
[redacted].pdf.[redacted] [ 75kB ]
04/06/2021, 15:52:50
Will upload the decrypted files asap.
04/06/2021, 15:53:14
[redacted].pdf [ 74kB ]
04/06/2021, 17:03:30
[redacted] Office.doc [ 533kB ]
04/06/2021, 17:03:51
ok thank you
04/06/2021, 17:46:33
we are currently still reviewing everything.
04/06/2021, 21:50:59
additionally, my higher up are requesting additional proofs because you are asking 45btc which is quite a lot of money.
04/06/2021, 21:52:18
What proof do you need?
We showed that we can decrypt files
Select any 2 files from the listing archive and we will discard them to you
04/06/2021, 22:09:21
Having received the decryptor, you can start working in 2 hours
05/06/2021, 03:31:54
Read about us on the Internet - we work honestly. It is much more profitable to conclude an agreement with us than to incur losses
05/06/2021, 03:32:46
thats for that additional information. will pass this information along to my boss. I will also let you know the file names once they let me know.
05/06/2021, 04:00:17
Still haven't heard anything yet. Will try to get an answer as soon as possible.
05/06/2021, 15:08:34
Ok, keep me updated
05/06/2021, 15:23:01
will do.
05/06/2021, 15:28:55
haven't heard anything yet from my boss (most likely because it is the weekend). I should have more information tomorrow
06/06/2021, 17:01:44
good morning. I have a meeting here shortly and should have those file names for proof of decryption
07/06/2021, 15:42:21
hello
07/06/2021, 15:55:10
what file names ? Are you talking about 100% listing?
07/06/2021, 15:56:02
from the file listing you sent me earlier
07/06/2021, 15:58:25
Proof of file decryption - you sent 2 files to us, we deciphered them and threw them off.
07/06/2021, 16:02:22
File with the title "30perclisting.zip"
Here is a list of 20 - 30 percent stolen information from your network.
07/06/2021, 16:03:21
When you conclude an agreement, you will receive a decryptor for your entire network and return the state of computers to their previous state in a few hours
07/06/2021, 16:05:27
yes im sorry. I confused myself.
07/06/2021, 16:09:02
any updates?
08/06/2021, 09:59:41
yes sorry, sending the filenames over now.
08/06/2021, 15:29:23
ok, waiting.
08/06/2021, 15:41:50
ok finally received the list
08/06/2021, 16:03:04
uploading the text file now
08/06/2021, 16:03:12
FileRequest.txt [ 2kB ]
08/06/2021, 16:03:35
Well, it's way more than 2 files, but we will provide.
08/06/2021, 16:05:01
Sorry about that but definitely appreciated!
08/06/2021, 16:05:54
2019_[redacted].xlsx [ 43kB ]
08/06/2021, 22:00:10
2019_[redacted].xlsx [ 152kB ]
08/06/2021, 22:00:28
Logo [redacted].pdf [ 87kB ]
08/06/2021, 22:00:32
[redacted].pdf [ 69kB ]
08/06/2021, 22:00:50
[redacted] - Employee agreement [redacted].docx [ 44kB ]
08/06/2021, 22:00:54
[redacted] - Employee agreement [redacted].docx [ 46kB ]
08/06/2021, 22:00:59
[redacted].PNG [ 83kB ]
08/06/2021, 22:01:04
Agreement [redacted].docx [ 42kB ]
08/06/2021, 22:01:08
2020 [redacted] (1).xlsx [ 21kB ]
08/06/2021, 22:01:11
[redacted].pdf [ 5.4MB ]
08/06/2021, 22:01:51
thank you, pulling those files down now
09/06/2021, 19:48:31
just wanted to let you know, my boss and the higher ups are having meetings to discuss this. I will keep you updated, as much as i can.
10/06/2021, 22:33:54
thanks
11/06/2021, 00:15:13
definitely appreciate your patience. Haven't received work yet (most likely due to the weekend). Will keep you updated.
13/06/2021, 14:26:20
do we have an agreement?
16/06/2021, 17:56:06
We are still waiting, but not for too long.
16/06/2021, 18:02:14
are you declining our offer?
16/06/2021, 18:22:08
would you please repeat your offer, seems like your message didn't go through
16/06/2021, 18:28:09
This message was send before - thats still out of our range($274,350). our offer $175k.
16/06/2021, 18:29:28
I an confused, where have you sent your offer?
16/06/2021, 18:30:16
I don't see any relevant message within this chat
16/06/2021, 18:30:34
woah... I am just seeing those messages now. I did not send those messages
17/06/2021, 15:19:02
are you in talks with other people? maybe the framework picked up cross talk?
17/06/2021, 15:21:07
Perhaps one of your employees writes here
17/06/2021, 15:21:44
Send your current offer now
17/06/2021, 15:23:47
No, that's impossible, suppose some of your employees send the messages, maybe we should move to another chat making it private?
17/06/2021, 16:22:00
i am working on getting that answer for you. yeah moving to a new chat might be best. how can we do that?
17/06/2021, 18:19:20
i have an update from my boss/higher ups
17/06/2021, 20:41:17
I will provide the new chat ID within an hour.
17/06/2021, 20:42:04
ok thanks.
17/06/2021, 20:42:19
Ok, i made it over to that chat and sent a msg.
18/06/2021, 16:56:18
Ok, let's move there, should I block this chat forever?
18/06/2021, 17:00:48