// Ransomware Negotiation Transcript

Conti Ransomware Negotiation — Redacted Organisation

14Messages
UnknownDuration
$100.00Initial Demand
PaidOutcome
// Context

About This Negotiation

This transcript documents a Conti ransomware negotiation with a redacted victim organisation. The negotiation consisted of 14 messages exchanged over Unknown.

The initial ransom demand was $100.00. The negotiation resulted in a confirmed payment.

// Primary Source

Full Transcript — Verbatim

Reproduced from Casualtek's Ransomchats archive. URLs have been redacted.

Victim names are shown only where the breach was publicly reported in mainstream media. Any organisation wishing their name redacted can contact us at enquiries@binary-response.com — we will act promptly.
[Conti] — 23/09/2021, 12:25:23 — Message 1/14
Hello, are you ready to negotiate?
[Conti] — 23/09/2021, 15:33:14 — Message 2/14
As you already know - your network and all of your data were encrypted by CONTI team. Besides the encryption process we've downloaded a large pack of your internal documents and files that will be published in case our negotiations fail. How it happens can be seen on our website The recovery price is $100.000. If you want to make sure we can recover all of your data - you can send us the two files of your choice and we will decrypt them free of charge. If we reach mutual agreement your will be provided with decryption tool, none of your internal data will be published and you will be provided with security tips on how to avoid further breaches. We strongly recommend to review our offer in a timely manner.
[Victim] — 24/09/2021, 12:55:39 — Message 3/14
Hi are you there?? Kindly help us please
[Conti] — 24/09/2021, 12:57:48 — Message 4/14
yes
[Victim] — 24/09/2021, 13:00:28 — Message 5/14
Kindly help us we are ready to pay you
[Victim] — 24/09/2021, 13:00:59 — Message 6/14
Price is very high? can you provide some discount to us?
[Victim] — 24/09/2021, 13:02:52 — Message 7/14
How much time will it takes to decrypt after sending money to you
[Conti] — 24/09/2021, 13:22:46 — Message 8/14
We will give the decrypt app immediately after payment and you can decipher everything for an hour
[Conti] — 24/09/2021, 13:24:49 — Message 9/14
In addition, we stole your 50 gigabyte data Within 24 hours, we will download the list of what downloaded from your network
[Victim] — 24/09/2021, 13:37:58 — Message 10/14
tell us where we have to pay and kindly provide some discount please
[Conti] — 24/09/2021, 13:39:10 — Message 11/14
Do you wait for listing or want to pay fast?
[Conti] — 24/09/2021, 15:24:53 — Message 12/14
full-listing_[redacted].txt [ 4MB ]
[Victim] — 27/09/2021, 21:21:43 — Message 13/14
.
[Conti] — 27/09/2021, 21:51:06 — Message 14/14
?
// Analysis

Analyst Observations

Facing a Ransomware Demand?

Whether you choose to negotiate or refuse — having specialists in the room changes the outcome.

⚡ Contact Us Now Our Negotiations Service →