STRLCPY/ransomware_notes

add new ragnarlocker ransom note
ThreatLabz committed 1 year ago

3afcfabb

1 parent e46cd882

Total 1 files

■ ■ ■ ■ ■ ■

ragnarlocker/!_^_README_NOTES_RAGNAR_^_!.txt

1	+	********************************************************************************************************************
2	+
3	+	HELLO [snip] !
4	+
5	+	If you reading this message, it means your network was PENETRATED and your most sensitive files were COMPROMISED
6	+
7	+	-------------------------------------------------
8	+	\| \|
9	+	\| by R A G N A R L O C K E R ! \|
10	+	\| \|
11	+	-------------------------------------------------
12	+
13	+	********************************************************************************************************************
14	+	[ YOU HAVE TO CONTACT US via LIVE CHAT IMMEDIATELY TO RESOLVE THIS CASE AND MAKE A DEAL ]
15	+	(contact information you will find at the bottom of this notes)
16	+
17	+	** WARNING **
18	+
19	+
20	+	DO NOT Hire any third-party negotiators (recovery/FBI/police and etc), otherwise we will close chat immediately and Publish your Data.
21	+	---------------------------------------------------------------------------------------------------------------------------------------
22	+
23	+	----[WHAT'S HAPPENED]
24	+	With this message we want to let you know that we has obtained access everywhere in your network and we was able to encrypt your files and servers.
25	+	However, we didn't do that only because of willing to avoid interruption in hospitals normal business processes and don't put health of the patients under risk.
26	+	But unfortunately, you has allowed data leak, about 1TB of personal data was compromised. So, your clients didn't get the required protection.
27	+
28	+	Tottally we has DOWNLOADED about 1TB of your CONFIDENTIAL and most SENSITIVE Data just in case if you will NOT PAY, if so, than everything will be PUBLISHED in Media and/or SOLD to any third-party.
29	+
30	+	WE HAS COLLECTED SUCH DATA AS:
31	+	- Medical record, medical history, Information regarding diagnoses and surgeries
32	+	- Clients personal info: Relatives/Address/DOB/email/phones and etc., Private letters and correspondence
33	+	- Departments: Oncology, Pediatrics, Surgery, Urology, Oculist, Cardiology, Gynecology and others
34	+	- Financial reports, Revenue, Budgets, Payrolls, Expenses, Bank statements
35	+	- Databases, Credentials, access to emails and accounts, Passwords, Workfiles
36	+	- And many other sensitive data...
37	+
38	+
39	+	----[WHAT SHOULD YOU DO]
40	+	- You have to contact us as soon as possible (you can find contacts below)
41	+	- You should make a Deal with us, to avoid LEAK of your Sensitive Data
42	+	- You should avoid any scammers using our name in different communication ways. We communicate only via LIVE CHAT
43	+	- You should avoid any third-party negotiators and recovery groups
44	+
45	+
46	+	----[YOUR OPTIONS]
47	+	1) IF NO CONTACT OR DEAL MADE IN 3 DAYS:
48	+	All your Data will be Published and/or Sold to any third-parties
49	+	Information regarding vulnerabilities of your network also can be published and/or sold
50	+	Such Leakage will have disastrous consequences to your business reputation.
51	+
52	+	2) If WE MAKE A DEAL:
53	+	We will remove all your files from our file-storage with proof of Deletion
54	+	We will permanently delete post with your company name
55	+	We guarantee to avoid sharing any details with third-parties
56	+	We will provide you with the penetration report and list of security-recommendations
57	+
58	+	[Here are couple of screenshots just as a proofs of Data possession, you can find more in our Leak Blog]
59	+	Screenshots:
60	+	https://prnt.sc/[snip]
61	+	https://prnt.sc/[snip]
62	+	https://prnt.sc/[snip]
63	+	https://prnt.sc/[snip]
64	+	https://prnt.sc/[snip]
65	+	https://prnt.sc/[snip]
66	+	https://prnt.sc/[snip]
67	+	https://prnt.sc/[snip]
68	+	https://prnt.sc/[snip]
69	+
70	+	-------------------------------------------------------------------------------------------------------------
71	+	LEAK BLOG ACCESS:
72	+	This temporary post stays hidden only during 3(three) days until we make a Deal.
73	+	If the Deal not made, Post would be supplemented and become permanent and accessible for everyone!
74	+
75	+	LEAK BLOG: http://rgleaktxuey67yrgspmhvtnrqtgogur35lwdrup4d3igtbm3pupc4lyd.onion/?[snip]
76	+	Password: [snip]
77	+	(use Tor Browser to open the link)
78	+
79	+	======================================================================
80	+	[ HERE IS THE SIMPLE MANUAL HOW TO GET CONTACT WITH US VIA LIVE CHAT ]
81	+	!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
82	+
83	+	1) Download and install TOR browser from this site : https://torproject.org
84	+	2) For contact us via LIVE CHAT open our website : http://ragnarmj3hlykxstyanwtgf33eyacccleg45ctygkuw7dkgysict6xyd.onion/client/?[snip]
85	+	3) To visit TEMPORARY LEAK PAGE with your data on our Leaks Blog
86	+	open this website: http://rgleaktxuey67yrgspmhvtnrqtgogur35lwdrup4d3igtbm3pupc4lyd.onion/?[snip]
87	+	password: [snip]
88	+
89	+	4) If Tor is restricted in your area, use VPN
90	+	5) All your Data will be published in 3(three) Days if NO contact made
91	+	6) Information regarding vulnerabilities in your network will be Sold or Published
92	+	7) Your Data will be published if you will hire third-party negotiators to contact us
93	+
94	+
95	+	*We advise you to find some information about us in google
96	+	Also check the tab "About Us" in our Blog (http://rgleaktxuey67yrgspmhvtnrqtgogur35lwdrup4d3igtbm3pupc4lyd.onion/?about-us)
97	+
98	+
99	+

add new ragnarlocker ransom note