REvil Ransomware Negotiation — Redacted Organisation

Hello - what do we do to get our data back?

test files

this readme?

a few things. this is weekend and everything is closed until tuesday. we cannot even begin to figure out the process but there is no one to speak to, I see deadline of 3 days, please increase to 7-10 days to give us enough time to process this situation.

can you do discount on the amount you are asking? we are in the Caribbean and financial systems are partially disabled due to covid.

can you accept btc? every broker we spoke to said it will take a long time for this amount of XMR. That is why we need time to find the right broker who can supply xmr.

its the weekend and banking holiday

can you decrypt test from another office?

also --- can you provide list of what data you take? or some sample? when I speak to management it will help explain.

+ I am the IT manager and I do not make decision about money, but I would like to close this soon as possible, can you provide a list of files or something to prove my boss that its not only decrypt?

+ yes I show him this. But my company is in carribean there is no privacy law, so easier to prove to boss what listing of the files you take to convince. The decryptor is of secondary value to us.

I want to solve this fast too, because I did not see family for few days now. So anything you can do to help me when talking to boss will be much help.

looking for some sort of a file list if you have of our files. because otherwise the boss is waiting for IT to finish investigation and this will take long time. I want to do this faster. Can you send a list of the files?

I do not know if you have problem communicating in English or whether I am speaking to an operator with bad temper but your response is not smart business. Do not threaten us again, because if you make more money publishing information, then good for you. Otherwise, you are taking a possible client who is willing to pay and basically start throwing a tantrum like a child. I would like to speak to an adult please who can understand business and knows why I am asking for what I am asking.

Now, let me repeat. I am trying very hard to work with you and you need to understand that we understand perfectly what position you are in, and what position WE ARE IN. I also check your reputation and you guys always deliver on your promise which is great and it is a strong basis for a good business transaction.

Here is what I need to move this forward, it is a very simple ask. We need a sample of the data you take and a file list of the files you take. It is not difficult and it is our files anyways, so what is the difficulty? All this will do is prove that you are indeed in a position of power, and I will be able to convince my boss that we need to speak about payment. I am TRYING TO HELP YOU AND ME. So work with me, or ask your boss to put someone else to work with me. And I also ask that you stop threatening me, your team already do the damage, so now we can speak and reach agreement or you can play games of threats and verbal abuse. Let's pretend we are adults ok?

I read about you in media and bleeping computer. I have no doubt you will follow through and while my boss will make the business decision, I am trying to follow his instructions and work with you. I am asking you to work with me and give me what my boss is asking for. Let me further explain, our systems are almost back-up, but I am trying to reach common ground. Can you share the list of files you take? My boss does not care about publicity, but he does care about protecting people, if you can demonstrate what data you take, even just file list, it will go a long way in the discussion here. I am not trying to waste your time or mine, this will help no one. I know you are big group and you attack many companies and that we are just a number. I also understand you have the power. I am trying to be honest and explain to you what will help me here, this is the process I need to follow. So the question is whether it is possible for you to give me list of files or no. If no, I will tell my boss and we can figure out next steps. But let’s try to work together.

At this stage of negotiations - we cannot proceed unless you provide us with the list of files and 2-3 random sample files you took. If you break negotiations at this point, you are going to publish the data anyways, so there is zero difference between giving us the information or publishing. The only key difference is that if you publish instead of giving us the information we need, there will be zero chance of further negotiations. I hope your boss reconsiders his position so that we can finally move forward.

First, thank you for finally providing this information which will allow me to work with the boss. Second, I will certainly push to make a decision as fast as possible. HOWEVER - reducing the timer will not work. Actually because you delay the analysis for no real reason we will need more time. Given the amount it will not happen before Friday. You can try and push and you are doing a great job of that, but in a company that needs to follow process, it will not work and all you will do is end up losing this opportunity to close the issue for both side. Please increase the timer as we are asking. I am trying to work with you.

We can argue together and you can argue you gave us enough time. In a company that is publicly listed, 3 days is not enough time. So let's stop with the games here, we are trying to work with you and I have no interest to play games, I tell you what I need not because I feel like it for fun and giggles. It is also not my money, so all threats mean nothing. I am speaking to you because of genuine interest to solve the problem and make sure we conclude this successfully. If you run the timer and publish the conversation is over. I know you do not care either but I am sure we are both interested in getting this to successfully conclude. You took the first step in showing me what I needed, now do whatever you need, but I am telling you that your new deadline is not going to happen. Your call how we do this.

You decision, your rules. I will pass on your message certainly.

and just so you know... Carribean rules because of USD embargo during Covid, Maybe do some research on this. Either way, you are not changing your position, I understand. Please understand that when timer expires if you publish this conversation is over and second, there will not even be a negotiation on price until the boss does his analysis. Thank you and have a wonderful day.

Understood. It is a 2-way street my friend. We either try to work together or you already decide to publish etc. That is why I asked for the data so that I can prove to the boss that it is a serious situation. But it took you time, now I need the time to work on the boss.