// Ransomware Negotiation Transcript

Akira Ransomware Negotiation — Redacted Organisation

13Messages
UnknownDuration
UnknownInitial Demand
UnknownOutcome
// Context

About This Negotiation

This transcript documents a Akira ransomware negotiation with a redacted victim organisation. The negotiation consisted of 13 messages exchanged over Unknown.

The initial demand is not clearly stated in the transcript. The final outcome is not confirmed in the transcript.

// Primary Source

Full Transcript — Verbatim

Reproduced from Casualtek's Ransomchats archive. URLs have been redacted.

Victim names are shown only where the breach was publicly reported in mainstream media. Any organisation wishing their name redacted can contact us at enquiries@binary-response.com — we will act promptly.
[Victim] — — Message 1/13
> We received your ransom note. What is next?
[Akira] — — Message 2/13
> Congratulations, you have passed a surprise information security audit and become a victim of ransomware. Currently, we are preparing the list of data we took from your network. For now you have to know that dealing with us is the best possible way to settle this quick and cheap. Keep in touch and be patient with us. We will reach out to you soon.
[Akira] — — Message 3/13
> [redacted] list // 980 KB
[Akira] — — Message 4/13
> These files were taken from your network prior to encryption. You can pick 2-3 random files from the list and we will upload them to this chat as a proof of possession. To prove that we can properly decrypt your data you can upload 2-3 encrypted files to our chat and we will upload decrypted copies back.
[Akira] — — Message 5/13
> We're looking through your files to calculate a fair demand to you. I will let you know the sum shortly. We offer: 1) full decryption assistance; 2) evidence of data removal; 3) security report on vulnerabilities we found; 4) guarantees not to publish or sell your data; 5) guarantees not to attack you in the future. Let me know whether you're interested in a whole deal or in parts. This will affect the final price.
[Akira] — — Message 6/13
> [redacted]_list2.zip // 2.09 MB
[Akira] — — Message 7/13
> Here is additional data we took from some of your trusts.
[Victim] — — Message 8/13
> How much data did you take from us in GB's? Are these two lists everything you took?
[Akira] — — Message 9/13
> About 200 GB in full.
[Akira] — — Message 10/13
> Yes, these two list are everything we took.
[Victim] — — Message 11/13
> Can we use a separate chat for the conversation going forward?
[Akira] — — Message 12/13
> Yes, I will send a new chat ID shortly.
[Akira] — — Message 13/13
> [REDACTED URL]
// Analysis

Analyst Observations

Facing a Ransomware Demand?

Whether you choose to negotiate or refuse — having specialists in the room changes the outcome.

⚡ Contact Us Now Our Negotiations Service →