Fidye Virüsünü Tanıyalım! Bölüm 1: RagnarLocker

'ReDLiNe · 4 Eyl 2022

Merhaba değerli TürkHackTeam üyeleri.
Bu konu serimizde sizlere yeni yeni çıkan veya eskiden çıkmış olup, yeniden tehdit unsuru haline gelen fidye virüslerini öğreneceğiz.
İyi okumalar dilerim

Konuya girmeden önce fidye virüsü nedir?
Fidye virüsleri önemli, önemsiz olan bütün dosyalarınız şifreleyerek sizden onlara ulaşabilmeniz için ücret talep eden minik boyutlu etkisi büyük kod dizileridir.

Pekala, konumuza başlayalım. Nedir bu "RagnarLocker"?

Nisan 2020 tarihinde ortaya çıkan bu fidye yazılımı "Double Extortion" çevirisi "Çifte Gasp" olan bir tür taktik kullanarak hassas verileri tarayarak şifreleme atağını gerçekleştirir.
"Salsa20" şifreleme algoritması kullanan (Brute Force methodları ile kırılması çok güçtür.) bu yazılım dosyaları şifrelemek için RSA-2048 algoritmasını kullanmaktadır ve CVE-2017-0213 güvenlik açığını kullanmaktadır.

Hashler: MD5: 6360B252B21FE015D667B093F6497E33
SHA256: 1DE475E958D7A49EBF4DC342F772781A97AE49C834D9D7235546737150C56A9C

Aşağıdaki videoda SiamAlam adlı YouTube kullanıcısı tarafından RagnarLocker yazılımının Dinamik Analizini izleyebilirsiniz

Aşağıdaki kod dizisi ise yazılımın oluşturduğu fidye notudur. Site linkleri sansürlenmiştir.

Güvende Kalın! İyi Forumlar Dilerim

Kod:

Ransom Notu:
*****************************************************************************************************************

                                              HELLO User !

 If you reading this message, then your network was PENETRATED and all of your files and data has been ENCRYPTED

                                              by RAGNAR_LOCKER !

*****************************************************************************************************************

                                              !!!!! WARNING !!!!!

DO NOT Modify, rename, copy or move any files or you can DAMAGE them and decryption will be impossible.

DO NOT use any third party or public decryption software, it also may damage files.

DO NOT Shutdown or reset your system

-------------------------------------

There is ONLY ONE possible way to get back your files - contact us and pay for our special decryption key !

For your GUARANTEE we will decrypt 2 of your files FOR FREE, as a proof of our capabilities

Don't waste your TIME, the link for contacting us will be deleted if there is no contact made in closest future and you will never restore your DATA.

HOWEVER if you will contact us within 2 day since get penetrated - you can get a very SPECIAL PRICE.

ATTENTION !

We had downloaded more than 10TB of data from your fileservers and if you don't contact us for payment, we will publish it or sell to interested parties.

Here is just a small part of your files that we have, for a proof (use Tor Browser for open the link) : http://**********.onion/?p=171

We gathered the most sensitive and confidential information about your transactions, billing, contracts, clients and partners. And be assure that if you wouldn't pay,

all files and documents would be publicated for everyones view and also we would notify all your clients and partners about this leakage with direct links.

So if you want to avoid such a harm for your reputation, better pay the amount that we asking for.

==============================================================================================================

! HERE IS THE SIMPLE MANUAL HOW TO GET CONTACT WITH US VIA LIVE CHAT !

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

a) Download and install TOR browser from this site : https://torproject.org

b) For contact us via LIVE CHAT open our website : http://***********.onion/client/?6bECA2b2AFFfBC1Dff0aa0EaaAd468bec0903b5e4Ea58ecde3C264bC55c7389E

c) For visit our NEWS PORTAL with your data, open this website : http://*********.onion/?page_id=171

d) If Tor is restricted in your area, use VPN

When you open LIVE CHAT website follow rules :

Follow the instructions on the website.

At the top you will find CHAT tab.

Send your message there and wait for response (we are not online 24/7, So you have to wait for your turn).

***********************************************************************************

---RAGNAR SECRET---

NmJFQ0EyYjJBRkZmQkMxRGZmMGFhMEVhYUFkNDY4YmVjMDkwM2I1ZTRFYTU4ZWNkZTNDMjY0YkM1NWM3Mzg5RQ==

---RAGNAR SECRET---

***********************************************************************************

Toryy · 4 Eyl 2022

Emeğinize sağlık

'Aspect · 4 Eyl 2022

Eline sağlık

JohnWick51 · 4 Eyl 2022

'ReDLiNe' Alıntı:

Merhaba değerli TürkHackTeam üyeleri.
Bu konu serimizde sizlere yeni yeni çıkan veya eskiden çıkmış olup, yeniden tehdit unsuru haline gelen fidye virüslerini öğreneceğiz.
İyi okumalar dilerim

Konuya girmeden önce fidye virüsü nedir?
Fidye virüsleri önemli, önemsiz olan bütün dosyalarınız şifreleyerek sizden onlara ulaşabilmeniz için ücret talep eden minik boyutlu etkisi büyük kod dizileridir.

Pekala, konumuza başlayalım. Nedir bu "RagnarLocker"?

Nisan 2020 tarihinde ortaya çıkan bu fidye yazılımı "Double Extortion" çevirisi "Çifte Gasp" olan bir tür taktik kullanarak hassas verileri tarayarak şifreleme atağını gerçekleştirir.
"Salsa20" şifreleme algoritması kullanan (Brute Force methodları ile kırılması çok güçtür.) bu yazılım dosyaları şifrelemek için RSA-2048 algoritmasını kullanmaktadır ve CVE-2017-0213 güvenlik açığını kullanmaktadır.

Hashler: MD5: 6360B252B21FE015D667B093F6497E33
SHA256: 1DE475E958D7A49EBF4DC342F772781A97AE49C834D9D7235546737150C56A9C

Aşağıdaki videoda SiamAlam adlı YouTube kullanıcısı tarafından RagnarLocker yazılımının Dinamik Analizini izleyebilirsiniz

Aşağıdaki kod dizisi ise yazılımın oluşturduğu fidye notudur. Site linkleri sansürlenmiştir.

Güvende Kalın! İyi Forumlar Dilerim

Kod:

Ransom Notu:
*****************************************************************************************************************

                                              HELLO User !

 If you reading this message, then your network was PENETRATED and all of your files and data has been ENCRYPTED

                                              by RAGNAR_LOCKER !

*****************************************************************************************************************

                                              !!!!! WARNING !!!!!

DO NOT Modify, rename, copy or move any files or you can DAMAGE them and decryption will be impossible.

DO NOT use any third party or public decryption software, it also may damage files.

DO NOT Shutdown or reset your system

-------------------------------------

There is ONLY ONE possible way to get back your files - contact us and pay for our special decryption key !

For your GUARANTEE we will decrypt 2 of your files FOR FREE, as a proof of our capabilities

Don't waste your TIME, the link for contacting us will be deleted if there is no contact made in closest future and you will never restore your DATA.

HOWEVER if you will contact us within 2 day since get penetrated - you can get a very SPECIAL PRICE.

ATTENTION !

We had downloaded more than 10TB of data from your fileservers and if you don't contact us for payment, we will publish it or sell to interested parties.

Here is just a small part of your files that we have, for a proof (use Tor Browser for open the link) : http://**********.onion/?p=171

We gathered the most sensitive and confidential information about your transactions, billing, contracts, clients and partners. And be assure that if you wouldn't pay,

all files and documents would be publicated for everyones view and also we would notify all your clients and partners about this leakage with direct links.

So if you want to avoid such a harm for your reputation, better pay the amount that we asking for.

==============================================================================================================

! HERE IS THE SIMPLE MANUAL HOW TO GET CONTACT WITH US VIA LIVE CHAT !

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

a) Download and install TOR browser from this site : https://torproject.org

b) For contact us via LIVE CHAT open our website : http://***********.onion/client/?6bECA2b2AFFfBC1Dff0aa0EaaAd468bec0903b5e4Ea58ecde3C264bC55c7389E

c) For visit our NEWS PORTAL with your data, open this website : http://*********.onion/?page_id=171

d) If Tor is restricted in your area, use VPN

When you open LIVE CHAT website follow rules :

Follow the instructions on the website.

At the top you will find CHAT tab.

Send your message there and wait for response (we are not online 24/7, So you have to wait for your turn).

***********************************************************************************

---RAGNAR SECRET---

NmJFQ0EyYjJBRkZmQkMxRGZmMGFhMEVhYUFkNDY4YmVjMDkwM2I1ZTRFYTU4ZWNkZTNDMjY0YkM1NWM3Mzg5RQ==

---RAGNAR SECRET---

***********************************************************************************

Ellerine saglik

Vali1um · 4 Eyl 2022

Ellerine sağlık.

GECEYARASA · 4 Eyl 2022

'ReDLiNe' Alıntı:

Merhaba değerli TürkHackTeam üyeleri.
Bu konu serimizde sizlere yeni yeni çıkan veya eskiden çıkmış olup, yeniden tehdit unsuru haline gelen fidye virüslerini öğreneceğiz.
İyi okumalar dilerim

Konuya girmeden önce fidye virüsü nedir?
Fidye virüsleri önemli, önemsiz olan bütün dosyalarınız şifreleyerek sizden onlara ulaşabilmeniz için ücret talep eden minik boyutlu etkisi büyük kod dizileridir.

Pekala, konumuza başlayalım. Nedir bu "RagnarLocker"?

Nisan 2020 tarihinde ortaya çıkan bu fidye yazılımı "Double Extortion" çevirisi "Çifte Gasp" olan bir tür taktik kullanarak hassas verileri tarayarak şifreleme atağını gerçekleştirir.
"Salsa20" şifreleme algoritması kullanan (Brute Force methodları ile kırılması çok güçtür.) bu yazılım dosyaları şifrelemek için RSA-2048 algoritmasını kullanmaktadır ve CVE-2017-0213 güvenlik açığını kullanmaktadır.

Hashler: MD5: 6360B252B21FE015D667B093F6497E33
SHA256: 1DE475E958D7A49EBF4DC342F772781A97AE49C834D9D7235546737150C56A9C

Aşağıdaki videoda SiamAlam adlı YouTube kullanıcısı tarafından RagnarLocker yazılımının Dinamik Analizini izleyebilirsiniz

Aşağıdaki kod dizisi ise yazılımın oluşturduğu fidye notudur. Site linkleri sansürlenmiştir.

Güvende Kalın! İyi Forumlar Dilerim

Kod:

Ransom Notu:
*****************************************************************************************************************

                                              HELLO User !

 If you reading this message, then your network was PENETRATED and all of your files and data has been ENCRYPTED

                                              by RAGNAR_LOCKER !

*****************************************************************************************************************

                                              !!!!! WARNING !!!!!

DO NOT Modify, rename, copy or move any files or you can DAMAGE them and decryption will be impossible.

DO NOT use any third party or public decryption software, it also may damage files.

DO NOT Shutdown or reset your system

-------------------------------------

There is ONLY ONE possible way to get back your files - contact us and pay for our special decryption key !

For your GUARANTEE we will decrypt 2 of your files FOR FREE, as a proof of our capabilities

Don't waste your TIME, the link for contacting us will be deleted if there is no contact made in closest future and you will never restore your DATA.

HOWEVER if you will contact us within 2 day since get penetrated - you can get a very SPECIAL PRICE.

ATTENTION !

We had downloaded more than 10TB of data from your fileservers and if you don't contact us for payment, we will publish it or sell to interested parties.

Here is just a small part of your files that we have, for a proof (use Tor Browser for open the link) : http://**********.onion/?p=171

We gathered the most sensitive and confidential information about your transactions, billing, contracts, clients and partners. And be assure that if you wouldn't pay,

all files and documents would be publicated for everyones view and also we would notify all your clients and partners about this leakage with direct links.

So if you want to avoid such a harm for your reputation, better pay the amount that we asking for.

==============================================================================================================

! HERE IS THE SIMPLE MANUAL HOW TO GET CONTACT WITH US VIA LIVE CHAT !

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

a) Download and install TOR browser from this site : https://torproject.org

b) For contact us via LIVE CHAT open our website : http://***********.onion/client/?6bECA2b2AFFfBC1Dff0aa0EaaAd468bec0903b5e4Ea58ecde3C264bC55c7389E

c) For visit our NEWS PORTAL with your data, open this website : http://*********.onion/?page_id=171

d) If Tor is restricted in your area, use VPN

When you open LIVE CHAT website follow rules :

Follow the instructions on the website.

At the top you will find CHAT tab.

Send your message there and wait for response (we are not online 24/7, So you have to wait for your turn).

***********************************************************************************

---RAGNAR SECRET---

NmJFQ0EyYjJBRkZmQkMxRGZmMGFhMEVhYUFkNDY4YmVjMDkwM2I1ZTRFYTU4ZWNkZTNDMjY0YkM1NWM3Mzg5RQ==

---RAGNAR SECRET---

***********************************************************************************

eline sağlık

GökBörü. · 4 Eyl 2022

eline emeğine sağlık

1wexter1 · 4 Eyl 2022

'ReDLiNe' Alıntı:

Merhaba değerli TürkHackTeam üyeleri.
Bu konu serimizde sizlere yeni yeni çıkan veya eskiden çıkmış olup, yeniden tehdit unsuru haline gelen fidye virüslerini öğreneceğiz.
İyi okumalar dilerim

Konuya girmeden önce fidye virüsü nedir?
Fidye virüsleri önemli, önemsiz olan bütün dosyalarınız şifreleyerek sizden onlara ulaşabilmeniz için ücret talep eden minik boyutlu etkisi büyük kod dizileridir.

Pekala, konumuza başlayalım. Nedir bu "RagnarLocker"?

Nisan 2020 tarihinde ortaya çıkan bu fidye yazılımı "Double Extortion" çevirisi "Çifte Gasp" olan bir tür taktik kullanarak hassas verileri tarayarak şifreleme atağını gerçekleştirir.
"Salsa20" şifreleme algoritması kullanan (Brute Force methodları ile kırılması çok güçtür.) bu yazılım dosyaları şifrelemek için RSA-2048 algoritmasını kullanmaktadır ve CVE-2017-0213 güvenlik açığını kullanmaktadır.

Hashler: MD5: 6360B252B21FE015D667B093F6497E33
SHA256: 1DE475E958D7A49EBF4DC342F772781A97AE49C834D9D7235546737150C56A9C

Aşağıdaki videoda SiamAlam adlı YouTube kullanıcısı tarafından RagnarLocker yazılımının Dinamik Analizini izleyebilirsiniz

Aşağıdaki kod dizisi ise yazılımın oluşturduğu fidye notudur. Site linkleri sansürlenmiştir.

Güvende Kalın! İyi Forumlar Dilerim

Kod:

Ransom Notu:
*****************************************************************************************************************

                                              HELLO User !

 If you reading this message, then your network was PENETRATED and all of your files and data has been ENCRYPTED

                                              by RAGNAR_LOCKER !

*****************************************************************************************************************

                                              !!!!! WARNING !!!!!

DO NOT Modify, rename, copy or move any files or you can DAMAGE them and decryption will be impossible.

DO NOT use any third party or public decryption software, it also may damage files.

DO NOT Shutdown or reset your system

-------------------------------------

There is ONLY ONE possible way to get back your files - contact us and pay for our special decryption key !

For your GUARANTEE we will decrypt 2 of your files FOR FREE, as a proof of our capabilities

Don't waste your TIME, the link for contacting us will be deleted if there is no contact made in closest future and you will never restore your DATA.

HOWEVER if you will contact us within 2 day since get penetrated - you can get a very SPECIAL PRICE.

ATTENTION !

We had downloaded more than 10TB of data from your fileservers and if you don't contact us for payment, we will publish it or sell to interested parties.

Here is just a small part of your files that we have, for a proof (use Tor Browser for open the link) : http://**********.onion/?p=171

We gathered the most sensitive and confidential information about your transactions, billing, contracts, clients and partners. And be assure that if you wouldn't pay,

all files and documents would be publicated for everyones view and also we would notify all your clients and partners about this leakage with direct links.

So if you want to avoid such a harm for your reputation, better pay the amount that we asking for.

==============================================================================================================

! HERE IS THE SIMPLE MANUAL HOW TO GET CONTACT WITH US VIA LIVE CHAT !

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

a) Download and install TOR browser from this site : https://torproject.org

b) For contact us via LIVE CHAT open our website : http://***********.onion/client/?6bECA2b2AFFfBC1Dff0aa0EaaAd468bec0903b5e4Ea58ecde3C264bC55c7389E

c) For visit our NEWS PORTAL with your data, open this website : http://*********.onion/?page_id=171

d) If Tor is restricted in your area, use VPN

When you open LIVE CHAT website follow rules :

Follow the instructions on the website.

At the top you will find CHAT tab.

Send your message there and wait for response (we are not online 24/7, So you have to wait for your turn).

***********************************************************************************

---RAGNAR SECRET---

NmJFQ0EyYjJBRkZmQkMxRGZmMGFhMEVhYUFkNDY4YmVjMDkwM2I1ZTRFYTU4ZWNkZTNDMjY0YkM1NWM3Mzg5RQ==

---RAGNAR SECRET---

***********************************************************************************

Elinize emeğine sağlık hocam.

THE zoRRo · 4 Eyl 2022

Eline sağlık

Easter · 4 Eyl 2022

Eline sağlık.

UZAY 52 · 4 Eyl 2022

Elinize sağlık hocam

Ghost Killer · 4 Eyl 2022

Eline sağlık.

The VODKA · 4 Eyl 2022

Eline Sağlık.

DarkSky_cyber · 4 Eyl 2022

'ReDLiNe' Alıntı:

Merhaba değerli TürkHackTeam üyeleri.
Bu konu serimizde sizlere yeni yeni çıkan veya eskiden çıkmış olup, yeniden tehdit unsuru haline gelen fidye virüslerini öğreneceğiz.
İyi okumalar dilerim

Konuya girmeden önce fidye virüsü nedir?
Fidye virüsleri önemli, önemsiz olan bütün dosyalarınız şifreleyerek sizden onlara ulaşabilmeniz için ücret talep eden minik boyutlu etkisi büyük kod dizileridir.

Pekala, konumuza başlayalım. Nedir bu "RagnarLocker"?

Nisan 2020 tarihinde ortaya çıkan bu fidye yazılımı "Double Extortion" çevirisi "Çifte Gasp" olan bir tür taktik kullanarak hassas verileri tarayarak şifreleme atağını gerçekleştirir.
"Salsa20" şifreleme algoritması kullanan (Brute Force methodları ile kırılması çok güçtür.) bu yazılım dosyaları şifrelemek için RSA-2048 algoritmasını kullanmaktadır ve CVE-2017-0213 güvenlik açığını kullanmaktadır.

Hashler: MD5: 6360B252B21FE015D667B093F6497E33
SHA256: 1DE475E958D7A49EBF4DC342F772781A97AE49C834D9D7235546737150C56A9C

Aşağıdaki videoda SiamAlam adlı YouTube kullanıcısı tarafından RagnarLocker yazılımının Dinamik Analizini izleyebilirsiniz

Aşağıdaki kod dizisi ise yazılımın oluşturduğu fidye notudur. Site linkleri sansürlenmiştir.

Güvende Kalın! İyi Forumlar Dilerim

Kod:

Ransom Notu:
*****************************************************************************************************************

                                              HELLO User !

 If you reading this message, then your network was PENETRATED and all of your files and data has been ENCRYPTED

                                              by RAGNAR_LOCKER !

*****************************************************************************************************************

                                              !!!!! WARNING !!!!!

DO NOT Modify, rename, copy or move any files or you can DAMAGE them and decryption will be impossible.

DO NOT use any third party or public decryption software, it also may damage files.

DO NOT Shutdown or reset your system

-------------------------------------

There is ONLY ONE possible way to get back your files - contact us and pay for our special decryption key !

For your GUARANTEE we will decrypt 2 of your files FOR FREE, as a proof of our capabilities

Don't waste your TIME, the link for contacting us will be deleted if there is no contact made in closest future and you will never restore your DATA.

HOWEVER if you will contact us within 2 day since get penetrated - you can get a very SPECIAL PRICE.

ATTENTION !

We had downloaded more than 10TB of data from your fileservers and if you don't contact us for payment, we will publish it or sell to interested parties.

Here is just a small part of your files that we have, for a proof (use Tor Browser for open the link) : http://**********.onion/?p=171

We gathered the most sensitive and confidential information about your transactions, billing, contracts, clients and partners. And be assure that if you wouldn't pay,

all files and documents would be publicated for everyones view and also we would notify all your clients and partners about this leakage with direct links.

So if you want to avoid such a harm for your reputation, better pay the amount that we asking for.

==============================================================================================================

! HERE IS THE SIMPLE MANUAL HOW TO GET CONTACT WITH US VIA LIVE CHAT !

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

a) Download and install TOR browser from this site : https://torproject.org

b) For contact us via LIVE CHAT open our website : http://***********.onion/client/?6bECA2b2AFFfBC1Dff0aa0EaaAd468bec0903b5e4Ea58ecde3C264bC55c7389E

c) For visit our NEWS PORTAL with your data, open this website : http://*********.onion/?page_id=171

d) If Tor is restricted in your area, use VPN

When you open LIVE CHAT website follow rules :

Follow the instructions on the website.

At the top you will find CHAT tab.

Send your message there and wait for response (we are not online 24/7, So you have to wait for your turn).

***********************************************************************************

---RAGNAR SECRET---

NmJFQ0EyYjJBRkZmQkMxRGZmMGFhMEVhYUFkNDY4YmVjMDkwM2I1ZTRFYTU4ZWNkZTNDMjY0YkM1NWM3Mzg5RQ==

---RAGNAR SECRET---

***********************************************************************************

eline emeğine sağlık

Merve666** · 5 Eyl 2022

Eline emegine sağlık

ATE$ · 20 Eyl 2022

'ReDLiNe' Alıntı:

Merhaba değerli TürkHackTeam üyeleri.
Bu konu serimizde sizlere yeni yeni çıkan veya eskiden çıkmış olup, yeniden tehdit unsuru haline gelen fidye virüslerini öğreneceğiz.
İyi okumalar dilerim

Konuya girmeden önce fidye virüsü nedir?
Fidye virüsleri önemli, önemsiz olan bütün dosyalarınız şifreleyerek sizden onlara ulaşabilmeniz için ücret talep eden minik boyutlu etkisi büyük kod dizileridir.

Pekala, konumuza başlayalım. Nedir bu "RagnarLocker"?

Nisan 2020 tarihinde ortaya çıkan bu fidye yazılımı "Double Extortion" çevirisi "Çifte Gasp" olan bir tür taktik kullanarak hassas verileri tarayarak şifreleme atağını gerçekleştirir.
"Salsa20" şifreleme algoritması kullanan (Brute Force methodları ile kırılması çok güçtür.) bu yazılım dosyaları şifrelemek için RSA-2048 algoritmasını kullanmaktadır ve CVE-2017-0213 güvenlik açığını kullanmaktadır.

Hashler: MD5: 6360B252B21FE015D667B093F6497E33
SHA256: 1DE475E958D7A49EBF4DC342F772781A97AE49C834D9D7235546737150C56A9C

Aşağıdaki videoda SiamAlam adlı YouTube kullanıcısı tarafından RagnarLocker yazılımının Dinamik Analizini izleyebilirsiniz

Aşağıdaki kod dizisi ise yazılımın oluşturduğu fidye notudur. Site linkleri sansürlenmiştir.

Güvende Kalın! İyi Forumlar Dilerim

Kod:

Ransom Notu:
*****************************************************************************************************************

                                              HELLO User !

 If you reading this message, then your network was PENETRATED and all of your files and data has been ENCRYPTED

                                              by RAGNAR_LOCKER !

*****************************************************************************************************************

                                              !!!!! WARNING !!!!!

DO NOT Modify, rename, copy or move any files or you can DAMAGE them and decryption will be impossible.

DO NOT use any third party or public decryption software, it also may damage files.

DO NOT Shutdown or reset your system

-------------------------------------

There is ONLY ONE possible way to get back your files - contact us and pay for our special decryption key !

For your GUARANTEE we will decrypt 2 of your files FOR FREE, as a proof of our capabilities

Don't waste your TIME, the link for contacting us will be deleted if there is no contact made in closest future and you will never restore your DATA.

HOWEVER if you will contact us within 2 day since get penetrated - you can get a very SPECIAL PRICE.

ATTENTION !

We had downloaded more than 10TB of data from your fileservers and if you don't contact us for payment, we will publish it or sell to interested parties.

Here is just a small part of your files that we have, for a proof (use Tor Browser for open the link) : http://**********.onion/?p=171

We gathered the most sensitive and confidential information about your transactions, billing, contracts, clients and partners. And be assure that if you wouldn't pay,

all files and documents would be publicated for everyones view and also we would notify all your clients and partners about this leakage with direct links.

So if you want to avoid such a harm for your reputation, better pay the amount that we asking for.

==============================================================================================================

! HERE IS THE SIMPLE MANUAL HOW TO GET CONTACT WITH US VIA LIVE CHAT !

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

a) Download and install TOR browser from this site : https://torproject.org

b) For contact us via LIVE CHAT open our website : http://***********.onion/client/?6bECA2b2AFFfBC1Dff0aa0EaaAd468bec0903b5e4Ea58ecde3C264bC55c7389E

c) For visit our NEWS PORTAL with your data, open this website : http://*********.onion/?page_id=171

d) If Tor is restricted in your area, use VPN

When you open LIVE CHAT website follow rules :

Follow the instructions on the website.

At the top you will find CHAT tab.

Send your message there and wait for response (we are not online 24/7, So you have to wait for your turn).

***********************************************************************************

---RAGNAR SECRET---

NmJFQ0EyYjJBRkZmQkMxRGZmMGFhMEVhYUFkNDY4YmVjMDkwM2I1ZTRFYTU4ZWNkZTNDMjY0YkM1NWM3Mzg5RQ==

---RAGNAR SECRET---

***********************************************************************************

Merhaba Redline. Ragnar_Locker tam olarak nasıl yazılır?

Fidye Virüsünü Tanıyalım! Bölüm 1: RagnarLocker

'ReDLiNe

Blue Team Lideri

Toryy

Kıdemli Üye

'Aspect

Özel Üye

JohnWick51

Uzman üye

Vali1um

Katılımcı Üye

GECEYARASA

Üye

GökBörü.

Turan Ordusu Senior

1wexter1

Katılımcı Üye

THE zoRRo

Uzman üye

Easter

Katılımcı Üye

UZAY 52

Uzman üye

Ghost Killer

Harici Saldırı Timleri Koordinatörü

The VODKA

Uzman üye

DarkSky_cyber

Yeni üye

Merve666**

Yeni üye

ATE$

Katılımcı Üye

Sosyal medya sayfalarımız