[RANSOMWARE] >>READ 1st Post<< Deadbolt

[flocke487]

Hello, have some paid the ransome in the last days? Have you got the key?

[Sprinkler_BLK]

Hello, have some paid the ransome in the last days? Have you got the key?

Yes, I have! Sad, but true. The OP_RETURN string, which is the key, is generated without the DeadBolt team. When you pay "your bill" the blockchain provider generates it for you. So it is quite "simple and secure", if you know what I mean. The most important is as follow. First: the correct address for the transaction. Second: the correct amount. If you do it right the key will be generated correctly. I have not found any entry on the web that something went wrong.

[Sprinkler_BLK]

Hello, I also got hit and now I decided to pay, some important files have been locked also because the backup HDD was connected via USB.
How much more BTC did you send? Is 0,52 BTC sufficient or to much or less?

Everyone can have a different amount ! The only effective option is to check it on your qnap. You should have it on the web login page - the exact address of the transaction and the amount to be deposited. If you don't see it then it's a sign that malware remover removed it like in my case and then it's a bigger problem but passable.

[dolbyman]

@Sprinkler_BLK

You went from help seeker
viewtopic.php?f=45&t=164797&p=827969#p827969
to help offerer (posting social media links and company emails) real fast..I will remove your social media and emails for now as I find it suspicious

[Sprinkler_BLK]

@Sprinkler_BLK

You went from help seeker
viewtopic.php?f=45&t=164797&p=827969#p827969
to help offerer (posting social media links and company emails) real fast..I will remove your social media and emails for now as I find it suspicious

Sounds great ! unfortunately it was QNAP that forced me to learn it so fast. Their Total lack of support knocks me out. What I learned I do not keep to myself. This is how I am now recovering another company affected by the attack.

Ps. you can delete whatever you want .... the accounts I gave are real and you can check my history if you feel like it.

Greetings from Eastern Europe - probably full of criminals, arms dealers etc ROTFL

[dolbyman]

when it comes to crypto, there is lots of shady figures around (see any reddit topic revolving about crypto) ... so, as said, new accounts raise suspicion here..

greetings to Poland...the stolen car capitals of Europe *wink*

[P3R]

It doesn't have to be a scam to be spam...

[Hunty36]

Copy a few files at a time to test. No need to do it all at once.

I will need to figure how to do this.

Does the malware encrypt the file to its own format then delete the original (hence the need for Photorec) or does it encrypt and rename though some other means ?

[Sprinkler_BLK]

when it comes to crypto, there is lots of shady figures around (see any reddit topic revolving about crypto) ... so, as said, new accounts raise suspicion here..

greetings to Poland...the stolen car capitals of Europe *wink*

It was like you said --- at 90'

[FSC830]

I was hit and like some other morons I had let my USB backup drive attached to my Qnap NAS. Lost so much...so I had to pay. I managed to get my wallet working and paid the 0.05 BTC on Friday 23. September. I have not received the OP_RETURN code yet and I am pretty annoyed if I do not get it. However, I read from somewhere here that somebody got the OP_RETURN after 4 days.
I can see that the amount went through and it was 0.05 but some people have paid a little bit more. I wonder if I have to pay a small amount covering the fee that they pay after my 0.05 BTC payment???

This is where are paid: bc1q4dfdt90pqh64ds2kxnkw5zsuxmm3mwvuwt82vd

...

Still no found an OP_RETURN for you. Are you sure, you transferred the correct amount of BTC? 0.05BTC plus the fee for your transaction? If hackers did get less than 0.05BTC no OP_RETURN will be delivered.
About the fee you have to ask your BTC "trader, wallet provider" or whatever this will be called.

Regards

[RufRuf]

I was hit and like some other morons I had let my USB backup drive attached to my Qnap NAS. Lost so much...so I had to pay. I managed to get my wallet working and paid the 0.05 BTC on Friday 23. September. I have not received the OP_RETURN code yet and I am pretty annoyed if I do not get it. However, I read from somewhere here that somebody got the OP_RETURN after 4 days.
I can see that the amount went through and it was 0.05 but some people have paid a little bit more. I wonder if I have to pay a small amount covering the fee that they pay after my 0.05 BTC payment???

This is where are paid: bc1q4dfdt90pqh64ds2kxnkw5zsuxmm3mwvuwt82vd

...

Still no found an OP_RETURN for you. Are you sure, you transferred the correct amount of BTC? 0.05BTC plus the fee for your transaction? If hackers did get less than 0.05BTC no OP_RETURN will be delivered.
About the fee you have to ask your BTC "trader, wallet provider" or whatever this will be called.

Regards

Why are there four transactions (one from as early as 2021) prior to the 23rd Sept transaction? What I have seen, there are usually two. I have basically zero experience of dealing with bitcoin so it might be normal, but it seems different from other payment addresses that I have had a look at during the past month that I have been following the discussion.

[FSC830]

I am also not very familiar with BTC and crypto currencies (not affected by Deadbolt) .
Cant answer your question, have seen different amount of transactions so far (sometimes 2, sometimes 3).
No idea why.
But is off-topic here. Somewhere was an extra thread about Bitcoin.
May be you can continue here or create a new one?

Regards

[Sprinkler_BLK]

I was hit and like some other morons I had let my USB backup drive attached to my Qnap NAS. Lost so much...so I had to pay. I managed to get my wallet working and paid the 0.05 BTC on Friday 23. September. I have not received the OP_RETURN code yet and I am pretty annoyed if I do not get it. However, I read from somewhere here that somebody got the OP_RETURN after 4 days.
I can see that the amount went through and it was 0.05 but some people have paid a little bit more. I wonder if I have to pay a small amount covering the fee that they pay after my 0.05 BTC payment???

This is where are paid: bc1q4dfdt90pqh64ds2kxnkw5zsuxmm3mwvuwt82vd

...

Still no found an OP_RETURN for you. Are you sure, you transferred the correct amount of BTC? 0.05BTC plus the fee for your transaction? If hackers did get less than 0.05BTC no OP_RETURN will be delivered.
About the fee you have to ask your BTC "trader, wallet provider" or whatever this will be called.

Regards

Why are there four transactions (one from as early as 2021) prior to the 23rd Sept transaction? What I have seen, there are usually two. I have basically zero experience of dealing with bitcoin so it might be normal, but it seems different from other payment addresses that I have had a look at during the past month that I have been following the discussion.

in my opinion the payment was made to the wrong bitcoin address or with the wrong amount. from what I read I am not convinced that the victim copied the correct address from his server. other transactions of this type are usually 2 ( mine also: bc1qe4gdhjgj45qckarra7z78glaautg4ggtapwueu). After confirming the payment in the same minute was generated OP_RETURN. Which gives the belief that if everything is correct the rest is done automatically.

[halibomb]

Hi and thanks for all of you who have wrote your opinions here.

I do think still that I did not have an opportunity to copy the wrong BTC account since I returned the ransomnote index page using the notes in the first post.

However, I am angry at myself that I let the QNAP be on when I waited for the QNAP support in two occurences for a couple of days.
Then when I shutdown and a couple of days later had to pull the ransomnote account again I did notice that there was a different account number there.
That is why I suspected that I was hit twice. However, I do not know if the deadbolt would encrypt any files again that were already named with "deadbolt".

When I paid the 0.05 BTC from my wallet I paid a little bit more so that my provider had their costs.
I have seen examples here where the deadbolt account received just 0.05 BTC and then amounts that were a little bit more. Both received their OP_RETURN code.

What is your opinion what is the amount of cost that they needed to pay after I paid 0.05 BTC?
This is where are paid: bc1q4dfdt90pqh64ds2kxnkw5zsuxmm3mwvuwt82vd

Some say that you need to pay exactly 0.05 BTC (like the RABSOMNOTE itself) but then some have paid a little bit more? I will try to pay a little bit more to check this - What are your thoughs?

[davide1984]

Thank's Sprinkler_BLK, and to everyone who helped me.