// Context
About This Negotiation
This transcript documents a Akira ransomware negotiation with a redacted victim organisation.
The negotiation consisted of 15 messages exchanged over Unknown.
The initial ransom demand was $1.0M. The final outcome is not confirmed in the transcript.
// Primary Source
Full Transcript — Verbatim
Reproduced from Casualtek's Ransomchats archive. URLs have been redacted.
Victim names are shown only where the breach was publicly reported in mainstream media. Any organisation wishing their name redacted can contact us at
enquiries@binary-response.com — we will act promptly.
[Akira] — — Message 1/15
> Hello. You've reached Akira support chat. Currently, we are preparing the list of data we took from your network. For now you have to know that dealing with us is the best possible way to settle this quick and cheap. Keep in touch and be patient with us. Do you have a permission to conduct a negotiation on behalf of your organization? Once we get your reply you will be provided with all the details.
[Victim] — — Message 2/15
> What is the cost
[Akira] — — Message 3/15
> Hello. You've reached an Akira support chat. Currently, we are preparing the list of data we took from your network. For now you have to know that dealing with us is the best possible way to settle this quick and cheap. Keep in touch and be patient with us. We will reach out to you soon. Do you have a permission to conduct a negotiation on behalf of your organization? Once we get a response you will be provided with all the details.
[Victim] — — Message 4/15
> yes
[Akira] — — Message 5/15
> List.7z // 222 KB
[Akira] — — Message 6/15
> These files were taken from your network prior to encryption. You can pick 2-3 random files up to 10 MB each from the list and we will upload them to this chat as a proof of possession. To prove that we can properly decrypt your data you can upload 2-3 encrypted files up to 10 MB each to our chat and we will upload decrypted copies back. We're looking through your financial papers to come up with a reasonable demand to you. We offer: 1) full decryption assistance;
2) evidence of data removal;
3) security report on vulnerabilities we found;
4) guarantees not to publish or sell your data;
5) guarantees not to attack you in the future. Let me know whether you're interested in a whole deal or in parts. This will affect the final price.
[Victim] — — Message 7/15
> What is the cost
[Akira] — — Message 8/15
> We will let you know the price soon. Do you have any file requests?
[Victim] — — Message 9/15
> no. just the price so we Can takea decision if its worth it for us or not
[Akira] — — Message 10/15
> We will let you know.
[Akira] — — Message 11/15
> We're willing to set a $1,000,000 price for ALL the services we offer. We accept payments in BTC. To gain bitcoins you need to go to any exchange platform as binance or coinbase. Here are the guides: [REDACTED URL]
[REDACTED URL] You also can buy bitcoin from any local brokers. If you withdraw funds from your bank account, then you have to inform the bank that you need this money for investment purposes only.
[Akira] — — Message 12/15
> Are you going to work with us?
[Victim] — — Message 13/15
> as much as would have liked to pay a resonable amount to save us from manually entering 2 weeks of data the amount you asked is impossible. in fact anything over 50k will not be worth our time.
[Akira] — — Message 14/15
> Please note that 22.5GB of your corporate data will be published on our blog.
[Akira] — — Message 15/15
> You have 24 hours to give us your decision regarding this deal. If you stay silent, we will announce the breach on our blog.