
Ransom Note: README-GENTLEMEN_2.txt

Group: Thegentlemen

[snip] = YOUR ID

Gentlemen, your network has been encrypted.

1. Any modification of encrypted files will make recovery impossible. 
2. Only our unique decryption key and software can restore your files. 
   Brute-force, RAM dumps, third-party recovery tools are useless.
   It’s a fundamental mathematical reality. Only we can decrypt your data.
3. Law enforcement, authorities, and “data recovery” companies will NOT help you.
   They will only waste your time, take your money, and block you from recovering your files — your business will be lost.
4. Any attempt to restore systems, or refusal to negotiate, may lead to irreversible wipe of all data and your network.
5. We have exfiltrated all your confidential and business data (including NAS, clouds, etc). 
   If you do not contact us, it will be published on our leak site and distributed to major hack forums and social networks.
   In addition, it will be reported to the relevant data protection authorities and regulators.
   This may result in official investigations, significant fines, and reputational damage for your company.
6. We guarantee 100% file recovery to their original state, bit by bit.
   To demonstrate the quality of our work, you can provide three sample files, and we will restore them free of charge.

TOX CONTACT - RECOVER YOUR FILES
Contact us (add via TOX ID): 98C132E2B20B531BE6604397D97040C1E9EB42FCE12EDF119BCE8B4031CA5C70DAF5E65FA3C3
Download Tox messenger: https://tox.chat/download.html
Contact us (add via Session ID): 05809b2da1d5b1a302f48b5767fd1843d54f3c516f9ab0eb26b544ffa73340292e
Download Session  https://getsession.org

СONTACT TO PREVENT DATA LEAK (7 DAYS BEFORE YOUR COMPANY DATA WILL BE PUBLISHED IN OUR BLOG, WITH 239 HOURS REVEAL TIMER)
Check our blog: http://tezwsse5czllksjb7cwp65rvnk4oobmzti2znn42i43bjdfd2prqqkad.onion/ 
Download Tor browser: https://www.torproject.org/download/
Follow us on X: https://x.com/

Any other means of communication are fake and may be set up by third parties. 
Only use the methods listed in this note or on the specified website.
After adding (us) in Tox or Session, please wait for your request to be processed and stay online.
If you do not receive a reply within 36 hours, create another account and contact us again.
In your first message in chat, immediately provide your ID from the note and the name of your organization. 
Assign one person as contact responsible for all negotiations. Do not create multiple chats.

Indicators of Compromise

| Type | IOC |
|------|-----|
| onion url | http://tezwsse5czllksjb7cwp65rvnk4oobmzti2znn42i43bjdfd2prqqkad.onion/ |
| tox id | 98C132E2B20B531BE6604397D97040C1E9EB42FCE12EDF119BCE8B4031CA5C70DAF5E65FA3C3 |
| session id | 05809b2da1d5b1a302f48b5767fd1843d54f3c516f9ab0eb26b544ffa73340292e |