[RANSOMWARE] >>READ 1st Post<< Deadbolt

[edlin]

I am not able to find the OP_Return after paid the ransom more than 72 hours. Does it take more time recently ?
@bc1qs3er2w3s98e0tca3ztjz2kt7lsk07kqvpw5f2n

[dolbyman]

You can always check the wallet of the criminals..last decryption code was sent out on the 5th

https://www.blockchain.com/explorer/add ... 8ajvsmfjjl

[Zandone]

Maybe anyone has other experiences in restoring the ransom page the way I tried so far?

Did you try the steps listed here:
viewtopic.php?f=45&t=164797&start=1380#p825512

I am still trying to get the ransom page or the adress where to send the ransom. I had some contact with QNAP Support and I was told:
- deadbolt-page could not be restored by QNAP support
- the compromised index.hmtl is missing in the quarantine area
- I shall ask in forums if there is a possibility to pay the ransom without the compromised landing page
- QNAP Support uploaded an encrypted file to https://deadbolt.responders.nu/upload/, got the adress "a450af299a6bc1d850bbfa4f022c865f8e1359427d0b31cbffa17f1da56dae2b" and asks if this is a valid payment adress ( I thought they all begin with "bc...")

Does anybody else have an idea or was in that situation before?

[dolbyman]

check the first page ..the payment adress tool is there

this only works if the infection happened AFTER September 2022

[Zandone]

check the first page ..the payment adress tool is there

this only works if the infection happened AFTER September 2022

Thanks, but I already tried that - did not work, my files were encrypted by an older version of deadbolt.

[dolbyman]

Then you are out of luck

[Bee2000]

Hello, looking for some help/advice (I didn't have a back up yes I know I'm an idiot!)

NAS had not been used for a long time, went to find a file but have been hit with the Deadbolt ransomware.
The autopatch and Malware tool meant I needed to use the SSH/putty method to get the Ransomware page back
The File update dates show as 2022-09-03 04:00:09
Do we know if the version I have can be recovered if I paid?

The request is for 0.05 Bitcoin

[dolbyman]

Just read the first page...key issue is never a guarantee..you are dealing with criminals

[FSC830]

I am not able to find the OP_Return after paid the ransom more than 72 hours. Does it take more time recently ?
@bc1qs3er2w3s98e0tca3ztjz2kt7lsk07kqvpw5f2n

Again a lucky one...

OP_RETURN f692e00c47a09b60e3101502c9303f46

Regards

[Wooders1973]

Sorry to annoy people by asking but can anybody keep a look out for an Op_Return for a payment i made today to bc1qesp2u4s8wdxskyjyfyqaskfepwdkpq2nr6f3wf

Appreciate it may be a few days for it to come through.

[dolbyman]

And you can't keep an eye on it yourself?

Just check that link here once a day
https://www.blockchain.com/explorer/add ... pq2nr6f3wf

[Wooders1973]

And you can't keep an eye on it yourself?

Just check that link here once a day
https://www.blockchain.com/explorer/add ... pq2nr6f3wf

I can check it but I’m unsure where I’m looking on this page, I was only asking for help as people like you understand how this works.

Sorry if my inability to understand this upsets you.

[dolbyman]

on the linked page it currently says "1 transactions" ..wait and see when/if says "2 transactions"

You apparently figured out how to pay the criminals in crypto, checking the transaction/wallet status should be a breeze

[Wooders1973]

on the linked page it currently says "1 transactions" ..wait and see when/if says "2 transactions"

You apparently figured out how to pay the criminals in crypto, checking the transaction/wallet status should be a breeze

Thank you for the help. Once I have 2 transactions I click on the link of the 2nd transaction to see the Op_Return, is that right?

It has taken a couple of months to work out the payments and i’m hoping getting the Op_Return will be a breeze as you say.

Sorry i am not good at this.

[FSC830]

If entry shows 2 transaction the OP_Return is listed at page.
Last time the return lasts some days, so be patient.

Regards