Negotiation Chat – REvil
Chat ID: 20210401
hello, i have read your site and i have informed my boss.
He asked if we can pay you 8000 euro to your bank account to be able to
take our files back but how can we be sure you will help us?
16 days ago
Hello.You offer is very small.Not interested.
16 days ago
we have lost about 41 days of data since our last backup in some of our
systems. Some systems have been fully recovered so we can start working
but it will take us more than 2 weeks to do manual work for adding
thing to our system. My boss told me to figure out a way to make a deal
with you so we can pay you. that way you can help us recover the lost
days faster instead of manual work. Please help us recover our data
faster. I now work with my technician to see the faster way to start
working, so an option to work with you would be best if it is faster.
16 days ago
Your offer looks ridiculous.Make a really interesting offer to my boss.
16 days ago
why you say ridiculous sir? i am trying to find a way to make this work for both sides so it has some value to us.
It would be great if you have the solution and we can get our files
faster because my technician now wants to format computers and start
from our latest offline backup to set things up clean.
15 days ago
Then ask your technician if they can help you with personal data leaks.
Also, in case of non-payment, your information will be published in our blog and disseminated in the media.
15 days ago
can we find a way to recover our files faster than our technician can
recover them? Our technician said that we need 2-3 weeks of manual work
for formatting, setting up and manual input to get most of our systems
back to work. This is a long time and it involves some costs from our
side. How much time your service will take to recover our systems back
to normal and what is the process? Our technician works hard in the last
two days but his process is very slow and we will have to involve some
people for manual work. This is time consuming. I want to understand if
your service is faster first of all.
15 days ago
Everything happens automatically after payment.
15 days ago
so you mean that within one day we will have all files restored and all systems running as they were before the problem?
15 days ago
Yes , all right.
15 days ago
that is a good option because if we are able to move faster with your
service this will have important impact in our office. Now regarding
payment, Do you believe that we can work together to find a viable
solution to the cost so we can select your service instead of manual
work that will take us a long time?
15 days ago
Make a really interesting offer to my boss. And we can work.
15 days ago
the problem is that at this time the Covid situation in our country has
severely impacted all the business. greece is under a heavy financial
crisis for over 10 years and our office is closed due to government
lockdown. cashflows are probably the worse in years. due to crisis we
all work remotely and this year probably will be the worst in decade. So
cashflows are really limited. can we agree on 12000euro paid in your
bank account so you can help us?
15 days ago
First, we do not accept payments to a bank account.
Secondly, our boss is unhappy with your proposal.
15 days ago
can we please find a solution to this payment? I want to express that
since your solution is faster than our technician we want to work with
the faster solution but it should be an amount that we can pay fast and
get our files. Our technician said that he needs only time to get us up
and working along with manual work. But time is important here for my
boss. Please discuss with your boss to settle to an amount that we can
pay. Please consider that we need also time to see how your payment will
be done, so as the time passes your services will not add any value. We
want to work with you to purchase your professional services to help us
recover faster than our technician.
15 days ago
My boss is ready to give you a 20% discount on fast payment.
15 days ago
Thank you, in that case we are ready to pay 12000 - 20% = 9600euro. We
will have the money in 3 days. we appreciate it. let us know how you
want us to do the payment.
15 days ago
Friends, you apparently did not understand, we are ready to provide you with a 20% discount from the original price.
15 days ago
170000-20%=136000 $
15 days ago
how we are supposed to find this money? our offices our closed and
during covid this money is not something that can be found. could we
please discuss a realistic amount?
15 days ago
Make a really interesting offer to my boss. 12k euro its small offer.
15 days ago
can you please adjust your offer to greece so we can pay you and get
our files faster? the money you ask is unfortunately far more than my
boss capabilities. 12.000 seems little for you? the average salary here
in greece is 500euro per month. Please sir lets discuss an offer that
can be paid fast. if we need 10 months to find the money you request
there is no use for the files. right now we need to recover faster.
please talk to your boss. we can find the money i suggested in 3 days and send it to you if you agree
15 days ago
Your offer is too small to be considered.Make a really interesting offer to my boss.
15 days ago
tomorrow my technician will have a clear view of the main systems that
are up and running so we can estimate and focus on the things we are
missing from backups. He said that most systems are in place from our
cloud provider, so i will be back to you if we need your help with your
services. i thought that we could have your help on this so we can use
your service to launch faster but our technician said we should wait for
his results recovering from cloud and then see if anything missing so
we can focus on that.
15 days ago
If you do not pay, your files will be published on the blog and
transferred to the media, the rest of the data will be sold. In any
case, it will affect your reputation, think about your clients, fines
and other troubles that await you.
We you a solution to avoid all of this.
15 days ago
Sir, we just need to save time restoring our files. If you have a
solution to this let me know if we can work together. i just want to
save time to launch faster. this is our focus her.e. but I believe this
will take also time because you cannot understand that time is important
here. If we could have the files yesterday it would make a great deal
for the office. we are losing more than 1000euro every day we delay.
15 days ago
wait for answer.
15 days ago
ok
14 days ago
Everything my boss has to offer $ 136k.
14 days ago
you are still referring to thousands of dollars sir?
14 days ago
Yes, all right.
14 days ago
I told you that our office is in greece and if you read the news we are
closed by lockdown and it was the worst year for any office here in
greece so such an amount unfortunately is not something that is
feasible.
So please consider if you can really help us work with you in some way.
We have about 2 days until weekend to decide because new equipment has
been ordered to set everything from scratch. Hopefully the most
important system from our operation is up and running today. We are
missing a lot of data still and in 1=2 days we will have a total
estimation of losses that require manual work.
Thank you for communication.
14 days ago
This is my boss's last sentence.
14 days ago
in 1-2 days we will have a meeting with our outsourced technician to
check everything that is missing. all depends from the cost. estimation
of lost data. still your cost is far too high to be able to pay. I still
tell you that we are willing to keep our options open and your service
of instant full recovery is still an option for us. But we need to work a
lot on the price to be able to see it as an option.
14 days ago
Your price is still too low for this amount of work.
14 days ago
unfortunately our estimation was wrong. we had a briefing from our
technician right now. there is a lot more work to be done, not only 1-2
weeks to do manual work. probably we will need more than 30 days. our
technician said that the attack was well planned and we estimate lots of
effort to recover from manual work. also we will have to delay a lot
because of the malware is still inside. So we will have to replace
software and probably hardware until it is fully cleaned. Let me know,
if we work with your solution, the malware will be gone from our network
?
14 days ago
Yes of course.
14 days ago
our technican asks how you did the attack, through remote desktop or mail?
14 days ago
After payment we will conduct an audit for you.
14 days ago
ok that is an added value. an audit would cost about 5000-10000euro. So
you will decrypt files, our systems will be up and running in 1 day,
our systems will not contain malware and also you would conduct an
audit. correct?
14 days ago
Audit means we will tell you how we infected your network.For your large network, this will cost a lot more.
14 days ago
how much this would cost? Now i am helping my boss estimate the overall help of your service.
14 days ago
greek companies for our audit gave us an offer between 5000-10000 euro.
don't forget that in greece such services are much cheaper than US.
14 days ago
according to my boss we are ready to pay much bigger amount to get at
least some of your services. But we would like to ask you a very serious
discount to your valuable services in order to reach a deal. We
understand that you are trying to extract as much money as you can from
this deal, but the amount you demand right now is not something we can
discuss. We want to work with you and we can find more money. Try once
more to discuss with your boss. if we reach a deal of around 45.000euro
we will manage to find the amount in some days. and we can send it to
you in some installments.
14 days ago
1-We will check how we got into your system.
2-Get the whole network decoder.
3-All sensitive data will be deleted from our servers.
4-Let's clean your network of our virus.
5-You will restore your system in one day.
6-Neither reputation nor customers will suffer.
It all depends only on your actions.
We have been the administrators of your network for a long time and we know that you can pay 500k.
We have made a huge discount and look forward to serious offers from you.
14 days ago
ideally we would like from you the following:
1. get the last data from one virtual machine to save lots of manual work
2. stop your attacks to our network so we can do business because we lose more than 1000euro/day as we delay.
can we agree on 55.000 so we can end this before weekend? we will show some good will to send you some money as soon as we can.
14 days ago
wait for answer.
14 days ago
also we have serious problem with monero. please check if you can give
us bitcoin wallet as our accountant said that we have problem with
monero.
13 days ago
Yes of course.
13 days ago
lets work on the price. so if you accept on 55k we can find the money
and we will use bitcoin to send you asap. now our accountant tries to
work with the cryptocurrency thing.
13 days ago
if we send you bitcoin how much time it takes for you to receive it and send us the solution?
13 days ago
30 minute
13 days ago
but we cant accept 55k
13 days ago
please sir give us a price we can pay today because the price you
requested will take lots of time. give us your best shot so we can move
the process today
13 days ago
wait for answer.
13 days ago
please try to match what we have so we can find the funds easily and
move faster because time is important for us so that we don't have to
setup all the network again from scratch. lets try to match the price of
the current offer because we have these funds available now, so if its
close to that we might be able to find the funds today. our accountant
said that it will take days to find a lot of extra money because it is a
matter of cash flow, exchanges, banks and stuff that we don't
understand.
13 days ago
Ok, we take you the last step to meet $ 100k.
13 days ago
Price update refresh the page.
13 days ago
the price of 100k$ is about 85k euro. it is a price that i think we can
meet. i want to talk with our accountant to check how fast we can find
this amount and start the process to find bitcoin
13 days ago
Okay we wait
13 days ago
Just to repeat our deal. Once you receive the requested amount:
1. You will stop any bad actions to our network
2. You will provide decryptor that will decrypt all computers in our network
3. You will help us if we have technical problems
4. You will stop any other bad actions regarding our office
5. You will provide security audit for our office
Correct?
13 days ago
Yes , all right.
13 days ago
our accountant has some serious problems with transferring the money on time.
Can you please extend the time so we can be able to pay the greed amount in bitcoin?
13 days ago
How much time do you need ?
13 days ago
it might be from today until Wednesday for the processing to be done
since we our accountant has never done it before. He thinks he can get
all the amount we have agreed but he is missing some for now and
probably it can be found during the day. And then he needs to transfer
the funds so that the processing to bitcoin happens. So i think until
Wednesday/Thursday or maybe much earlier if all is done today.
12 days ago
Okay we give until Wednesday.
12 days ago
thank you. expect update from our side.
12 days ago
can you please update the timer?
12 days ago
Okay.
12 days ago
we will do test payment first to see if you receive it ok? will it show in your system automatically?
12 days ago
No problem.
12 days ago
Yes
12 days ago
Wait for 3 confirmations by Bitcoin system, it takes ~30 min
12 days ago
To use a decryptor run it as administrator and turn off antivirus before.
You can use a decryptor as gui application or through cmd.
CMD commands:
UniversalDecryptor.exe -full
UniversalDecryptor.exe -path "C:\folder"
UniversalDecryptor.exe -file "C:\folder\file.txt.random_ext"
* decryptor with -full option will decrypt all with default params.
If you use it as gui application, mI recommend you choose "create
backups" option. If you use decryptor without this option, you should
not interrupt decryption process, otherwise some files will be
irreversibly damaged.
12 days ago
1. Backup (provided there is no direct access to copies from local machines)
2. It is important to regularly evaluate which employees have access and
permission to which resources. Most employees do not need a high level
of domain access.
3. Use professional e-mail and web security tools that can analyze the
content of websites, email attachments, and files for malware.
4. Keep your operating system, software and all devices updated on an ongoing basis.
5. Antivirus software, IPS (intrusion prevention systems) and corporate
email protection have been updated to the latest version.
6. Divide your network into specific security zones so that malware caught in one zone cannot spread to others.
7. Security training courses to teach employees not to download files,
open email attachments, or follow unknown links in messages.
12 days ago
Your network was accessed through your VPN.
12 days ago
All your data was automatically deleted after receiving payment.
Our presence on your network will soon be terminated.
12 days ago
how long have you been in our network?
12 days ago