Cloak Ransomware Negotiation — Redacted Organisation

Hello! If you are reading this message, your files are encrypted and your data is compromised.In order for YOU to quickly and without additional losses FOR YOU to regain control over your data, strictly follow the proposed scenario:1. ONLY an AUTHORIZED representative authorized to enter into financial agreements and negotiate on behalf of the entire company should participate in negotiations on your part.All other persons not endowed with such authority (system administrators, cleaners, and others) who enter into negotiations can cause significant harm, primarily for your own company.2. Confirm that you are an authorized representative of your company and briefly describe your situation.3. Stay online throughout today until further instructions.4. If you did not receive our answer during the day, then indicate the time, country and city in the time zone of which you are located. Set a time convenient for you for follow-up negotiations.5. Keep calm and be patient, they will definitely answer you and help you with the recovery of your data.6. Remember that mutual respect is the key to successful negotiations.

Hello,

We got infected and you asked to contact you.

Hello

you have not given me confirmation that you are authorized to negotiate on behalf of the company.

you must understand that based on your answers, appropriate decisions will be made that will affectthroughout your company.

So you're authorized to negotiate?

I'm authorized to ask your intentions. We're in [redacted], and we're not used to this kind of situation. I'll pass on to my manager, who will decide what to do next. This is the 1st step for him.

ok

So that we do not have a misunderstanding and, as a result, undesirable consequences for you, follow these 3 rules:

1 Always answer my questions. If you don't have an answer and need to consult with management, tell me so. 2 Never end negotiations unilaterally. This may serve as a signal to me that you refuse to cooperate with us. 3 If the negotiations are completed today, be sure to indicate the time of the next meeting.

Now I will give you a step-by-step plan of further actions. Follow it strictly, as it is the shortest way to the to the successful completion of the case.

The next steps will be:

1. We assign you a ransom amount that you must accept*.

ok

2. you convert the approved amount into BTC or XMR.

3. You send us 2 encrypted files to check their reverse decryption**.

4. we decrypt them and send them to you.

5. you make sure the decryptor works and give us confirmation.

6. we give you a wallet to transfer BTC or XMR.

7. You make a trial amount transfer and wait for confirmation.

8. After our confirmation, you transfer the entire amount.

9. We send you the key and detailed instructions.***

10. your data stored by us will be deleted.

11. we provide you with a penetration report indicating the exploited vulnerabilities.****

notes:

* we know about your income so do not humiliate yourself.Discounts can only be granted to those companies that have applied to us in a timely manner and strictly comply with all our instructions.**Files must not be important, and their maximum size must be no more than 5 MB each.*** We will keep in touch with you until your network is fully restored.**** The report is provided to everyone who paid the full amount of the ransom.

1?

This is the general plan.I will discuss the specific amount of the ransom only with an authorized person who owns the right to conclude financial agreements.

if such a person is in touch with you, then tell him this and let him join our negotiations.

I'm still here and waiting for your representative for further negotiations

Your silence will only make things worse for yourself.We have more than 60 GB of your private data at our disposal.Urgently appoint an authorized representative and enter into negotiations.Otherwise, we will sell your data to a third party

As I warned you, your data is for sale.While the timer is running, no one else can see your files.After the time expires, your data will be available to our buyers, but it will not be available to you.Enter into negotiations quickly and we will stop this.

[REDACTED URL]

[redacted]

[redacted]

[redacted]

[redacted]

Why are you keeping silent?you are running out of time.

[redacted].com hi sir this data need also

[REDACTED URL] my link not working so i contact this way

pls need decrypt tool

pls help me

Hello!To help you I need to understand who I'm dealing with?Have you been authorized to negotiate on behalf of the entire company?

As for [redacted].com, I can tell you that we can also solve this issue.Pass this on to your management.

Get the point. Without the participation of your leadership, we will not be able to conclude an agreement with you.It is up to your bosses to decide whether or not they should pay us to decrypt the files and return the data.Therefore, I strongly recommend that you tell them about it. Let them give you a representative.This is the only way we will find a way out of this situation.

how much price

[redacted].com

wait a bit, I'll make some clarifications on this

for those who want to recover files on [redacted].com. I have a question. How did you get access to this chat?

After your answer, we will move on to discussing the price.

Why did you stop communicating?Files on your computers won't decrypt themselves

we are ready to cooperate.Give me an answer and we will move on to the question of price