Bitcoin Forum
September 21, 2018, 05:06:54 AM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: con a ransomeware maker  (Read 243 times)
johnsmith1337
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
September 08, 2018, 03:31:43 AM
 #1

Hi dears

the hacker ask about 15k worth of bitcoin for the decryption Sad

i don't have that such amount, anything well help

i read about double spend , and unconfirmed transaction

kind regards
1537506414
Hero Member
*
Offline Offline

Posts: 1537506414

View Profile Personal Message (Offline)

Ignore
1537506414
Reply with quote  #2

1537506414
Report to moderator
1537506414
Hero Member
*
Offline Offline

Posts: 1537506414

View Profile Personal Message (Offline)

Ignore
1537506414
Reply with quote  #2

1537506414
Report to moderator
1537506414
Hero Member
*
Offline Offline

Posts: 1537506414

View Profile Personal Message (Offline)

Ignore
1537506414
Reply with quote  #2

1537506414
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
nc50lc
Full Member
***
Online Online

Activity: 350
Merit: 134


∙Self-proclaimed-Genius ㊙️


View Profile WWW
September 08, 2018, 06:07:13 AM
 #2

Going to the nearest (& reputable) computer repair center is way more cheaper and safer than paying that amount or asking someone from the net.
Unless the PC is on the technician's hands, you'll get more inconsistencies than results.

Alternatively, just wipe it out.
If you've lost your wallets, an offline backup or written seed & private keys are good enough to decide a "zero-fill" the disk.
Is there something worth recovering from that PC that's keeping you from wiping the disk or are you looking for a pure "back at you" attempt?

(っ◕‿◕)っ Newbies and Newbies at heart! Remember to Lock your Thread(s) after receiving enough replies/sufficient answers. 
FEELING GENEROUS?: 39EKeFj43inkH6Ctkosh9E7oskx3tvhSXi ∙ Do not buy non-mainstream ASICs at second-batch and onwards, you know the risk!
johnsmith1337
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
September 08, 2018, 06:43:34 AM
 #3

the issue it contain the pharmacy data (customers,bills) we are now out of bussness Sad
nc50lc
Full Member
***
Online Online

Activity: 350
Merit: 134


∙Self-proclaimed-Genius ㊙️


View Profile WWW
September 08, 2018, 07:12:38 AM
 #4

the issue it contain the pharmacy data (customers,bills) we are now out of bussness Sad
I'm afraid that this isn't Bitcoin-related in terms of technical support.
Usually, those hackers and are just using Bitcoins as the "ransom money" because it's widely used and with the help of "mixing services", transactions could become anonymous.
The ransomware malware and viruses however, aren't directly linked to Bitcoin's protocols.

I'd suggest to shut it down (don't do anything) until you get someone who's knowledgeable on this (there's a couple of OS-related automated backups that can undo this that can be affected by the virus/malware if stayed active).
Most users here wont be able to help you with your issue, you really need to consult a good Computer Technician for this.

(っ◕‿◕)っ Newbies and Newbies at heart! Remember to Lock your Thread(s) after receiving enough replies/sufficient answers. 
FEELING GENEROUS?: 39EKeFj43inkH6Ctkosh9E7oskx3tvhSXi ∙ Do not buy non-mainstream ASICs at second-batch and onwards, you know the risk!
bob123
Hero Member
*****
Offline Offline

Activity: 686
Merit: 566



View Profile WWW
September 08, 2018, 07:31:45 AM
Merited by suchmoon (4), vapourminer (1)
 #5

Do NOT pay the ransom.

You are NOT GUARANTEED to get the decryption key once you have paid the ransom. Some don't even have a decryption key anymore or simply just wipe the whole drive.

The best is to ignore the warning, disconnect all affected drives and put them aside. DON'T TOUCH THE DRIVES ANYMORE.
If you have backups, use them.

Decryption tools emerge decently fast after a new ransomware has been found.
At least as long there is a possibility of reverse engineering the key or compromising the c&c server.
Most ransomwares do have either backdoors, are bad implemented, or have a vulnerability to retrieve the decryption key(s) from the server. The chances are relatively high of getting files back if you have the time to wait.


You may have been infected with an old ransomware. Can you please post a picture (e.g. take a picture with your mobile, upload it to https://imgur.com/, give us the link) of the ransom screen ?
Also, what ending do the files have ? This is necessary to know to find out which kind of ransomware this is.

It is CRUCIAL to know which malware EXACTLY you are infected with. This fully determines the next possible steps for you to take (especially since you are running a business).

johnsmith1337
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
September 08, 2018, 08:29:36 AM
 #6

what about trick the hacker with double spend or unconfirmed transaction ?
bob123
Hero Member
*****
Offline Offline

Activity: 686
Merit: 566



View Profile WWW
September 08, 2018, 09:04:13 AM
 #7

what about trick the hacker with double spend or unconfirmed transaction ?

No. That won't work.

First, you are never guaranteed to succeed in a double spend of a 0-conf-transaction.
Second, you won't get the decryption key (if you do at all) before the transaction has a few confirmations.

But the majority of ransom wares do NOT give out the decryption key after paying the ransom. That would be way too much infra structure needed.


Please post WHICH ransomware you got infected with. There might be free decryption tools already.

cissrawk
Sr. Member
****
Offline Offline

Activity: 616
Merit: 364


Need video promotion? https://goo.gl/QN55ZH


View Profile WWW
September 08, 2018, 09:58:38 AM
 #8

Don't pay anything to that hacker, i read a story on another forum if the hacker doesn't give your files back or key to decrypt it after he paid him.
Did you already check the ransom decryptor? Some antivirus company create it for free, such as McAfee, AVG, Kaspersky and Bitdefender. Just take a look at the last extension on your files (ex : ransom.jpg.ransom) and try to find the decryptor. However, not all ransom have decryptor, you maybe can contact some antivirus company to create the decryptor (probably will not free).

Actually, there's a community that offer free if you have the ransom note and encrypted file, just send it to them. MalwareHunterTeam, but idk if they can help you or not.

███▄                 ▄███           ▄▄███▀▀█▄▄                   ▄▄█████▄▄           ███▄               ███    ▀██▄             ▄██▀
█████               ▄████       ▄▄████▄█ ██ ████▄▄           ▄▄████▀▀▀▀▀████▄▄       █████              ███      ███           ███
██████             ██████      ▀▀██▄█████▄▄███▄█▀▀▀         ███▀▀         ▀▀███      ███▀██▄            ███       ▀██▄       ▄██▀
███▀███▄         ▄██▀ ███     ███▄▀███▀████████ ████       ███               ███     ███  ███           ███         ███     ███
███  ▀███       ███▀  ███    █████ █████████  █▄▀▀▀▄█     ███                 ███    ███   ▀██▄         ███          ▀██▄ ▄██▀
███    ███▄   ▄███    ███   ▀████▀▄██████▀█████████▀██   ███                   ███   ███     ███        ███            ▀███▀
███     ▀███▄███▀     ███   █▄▄▄▄███  ████████▀███████   ███                   ███   ███      ▀██▄      ███            █████
███       █████       ███   ██▀██████████▀████████████   ███                   ███   ███        ███     ███           ██▀ ▀██
███        ▀█▀        ███    ███████▀████████▀▀▀███▄█     ███                 ███    ███         ▀██▄   ███         ▄██▀   ▀██▄
███                   ███
     █  █▀█████████ ███ ███       ███               ███     ███           ███  ███        ██▀       ▀██
███                   ███
      █████▀▄▄▀█▄██▄▀▀▀▄██         ███▄▄         ▄▄███      ███            ▀██▄███      ▄██▀         ▀██▄
███                   ███
       ▀▀██▄▀▀▄███▀████▀▀           ▀▀████▄▄▄▄▄████▀▀       ███              █████     ███             ███
███                   ███
           ▀▀██████▀▀                   ▀▀█████▀▀           ███               ▀███   ▄██▀               ▀██▄
.
.TRADE, EARN & OWN THE EXCHANGE
████   WHITEPAPER    FACEBOOK    TWITTER    LINKEDIN    TELEGRAM    CRUNCHBASE   ████
|FREETRADING &
ICO LISTING
|SUPERIORTO NASDAQ
AND LSE
|US$ 29MRAISED IN
2 WEEKS
|
[]
johnsmith1337
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
September 08, 2018, 03:00:03 PM
 #9

can i make a transaction who never confirmed or  canceled later or un-confirmed transaction ?
any thing guarantie the money don't go to him
BrewMaster
Hero Member
*****
Offline Offline

Activity: 938
Merit: 630


There is trouble abrewing


View Profile
September 08, 2018, 03:22:03 PM
 #10

can i make a transaction who never confirmed or  canceled later or un-confirmed transaction ?
any thing guarantie the money don't go to him

no there are none.
besides the hacker would probably wait for the transaction to confirm before doing anything and as bob said above they do NOT give you anything even if you pay them.
on top of that there are ways to make an unconfirmed transaction confirm faster by increasing its priority. for example by using CPFP. so you may end up conning yourself trying to con the hacker!

cissrawk
Sr. Member
****
Offline Offline

Activity: 616
Merit: 364


Need video promotion? https://goo.gl/QN55ZH


View Profile WWW
September 08, 2018, 03:38:41 PM
 #11

can i make a transaction who never confirmed or  canceled later or un-confirmed transaction ?
any thing guarantie the money don't go to him
I bet the hacker already know how the bitcoin work, and he will wait the transaction confirmed first before he send you a decryptor.
If you don't want send money to that hacker, then just don't send it. After bitcoin transaction get confirmed, then you can't reverse it or cancel it.

███▄                 ▄███           ▄▄███▀▀█▄▄                   ▄▄█████▄▄           ███▄               ███    ▀██▄             ▄██▀
█████               ▄████       ▄▄████▄█ ██ ████▄▄           ▄▄████▀▀▀▀▀████▄▄       █████              ███      ███           ███
██████             ██████      ▀▀██▄█████▄▄███▄█▀▀▀         ███▀▀         ▀▀███      ███▀██▄            ███       ▀██▄       ▄██▀
███▀███▄         ▄██▀ ███     ███▄▀███▀████████ ████       ███               ███     ███  ███           ███         ███     ███
███  ▀███       ███▀  ███    █████ █████████  █▄▀▀▀▄█     ███                 ███    ███   ▀██▄         ███          ▀██▄ ▄██▀
███    ███▄   ▄███    ███   ▀████▀▄██████▀█████████▀██   ███                   ███   ███     ███        ███            ▀███▀
███     ▀███▄███▀     ███   █▄▄▄▄███  ████████▀███████   ███                   ███   ███      ▀██▄      ███            █████
███       █████       ███   ██▀██████████▀████████████   ███                   ███   ███        ███     ███           ██▀ ▀██
███        ▀█▀        ███    ███████▀████████▀▀▀███▄█     ███                 ███    ███         ▀██▄   ███         ▄██▀   ▀██▄
███                   ███
     █  █▀█████████ ███ ███       ███               ███     ███           ███  ███        ██▀       ▀██
███                   ███
      █████▀▄▄▀█▄██▄▀▀▀▄██         ███▄▄         ▄▄███      ███            ▀██▄███      ▄██▀         ▀██▄
███                   ███
       ▀▀██▄▀▀▄███▀████▀▀           ▀▀████▄▄▄▄▄████▀▀       ███              █████     ███             ███
███                   ███
           ▀▀██████▀▀                   ▀▀█████▀▀           ███               ▀███   ▄██▀               ▀██▄
.
.TRADE, EARN & OWN THE EXCHANGE
████   WHITEPAPER    FACEBOOK    TWITTER    LINKEDIN    TELEGRAM    CRUNCHBASE   ████
|FREETRADING &
ICO LISTING
|SUPERIORTO NASDAQ
AND LSE
|US$ 29MRAISED IN
2 WEEKS
|
[]
coin-investor
Hero Member
*****
Offline Offline

Activity: 770
Merit: 500


View Profile
September 08, 2018, 03:42:35 PM
 #12

the issue it contain the pharmacy data (customers,bills) we are now out of bussness Sad

That's surprising these kinds of data needs protection what kind or brand of anti virus are you using and tell us the details on how did this things happen, that kind of malware are now detectable now because they are exposed and anti malwares now have a features that can detect that


██████████
██████████████
████████████
██████████  ███
███████████████████████
████████████████████
███████████████████████
█████████████████████████
███████████████████████
███████████████████████
███████████████████

 
 
 
  ▄                          ▄▄████▄   
  ██▄                  ▄██████████▀
  ████▄▄            ███████████▀
  ▀███████▄▄▄▄███████████
  ██████████████████████▀
  ▀█████████████████████
      ███████████████████▀
      ▀█████████████████▀
          ▀▀████████████▀
▄▄▄▄▄███████████▀▀
    ▀▀▀▀████▀▀▀▀
 
TWITTER

 
 
                              ▄▄██
                    ▄▄███▀███
        ▄▄▄█████▀  ▄███▀
  ▄███████▀  ▄██████
      ▀▀▀▀    ▄███████▀
            █  █████████
            ▀▄█▀  ▀█████
              ▀▀        ▀▀█
TELEGRAM

 
      ▄▄▄▄▄▄
   ▄████████
   █████▀▀▀▀
   █████
██████████
▀▀█████▀▀▀
   ▐████
   ▐████
   ▐████
FB

 
 
    ██▄▄  ▄▄▄▄▄▄  ▄▄██
    ████████████████
  ▄████████████████▄
▄██████████████████▄
████████████████████
  ██████████████████ 
  ▀████████████████▀
        ▀▀▀██████▀▀▀
            ████████
           █████████
         ███████████
         ███████████
GITHUB


██
██
██
██
██
██
██
██
██
██
██
  █
PRESALE starts on August 10
ICO starts on September 10


██
██
██
██
██
██
██
██
██
██
██
  █

 
   ▄██████████████████▄
   █████▀▀█████████████
   █████        ▀██████████
   █████              ▀▀██████
   █████                    █████
   █████              ▄▄██████
   █████        ▄██████████
   █████▄▄█████████████
     ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
YOUTUBE
johnsmith1337
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
September 08, 2018, 07:24:04 PM
 #13

the issue it contain the pharmacy data (customers,bills) we are now out of bussness Sad

That's surprising these kinds of data needs protection what kind or brand of anti virus are you using and tell us the details on how did this things happen, that kind of malware are now detectable now because they are exposed and anti malwares now have a features that can detect that

at least can you help me to try and mix it with social engineer ?

any way to sign a transaction with an amount i don't have it in my wallet
bob123
Hero Member
*****
Offline Offline

Activity: 686
Merit: 566



View Profile WWW
September 08, 2018, 07:28:16 PM
 #14

any way to sign a transaction with an amount i don't have it in my wallet

No.

Either search for a decryption tool for your specific ransomware, or live with the fact that your data is gone.

hugeblack
Sr. Member
****
Offline Offline

Activity: 448
Merit: 346

Avatar 4 rent / Sig Designer https://goo.gl/34QBYf


View Profile WWW
September 09, 2018, 07:02:13 AM
 #15

Why do all your questions focus on learning "how to scam others the hacker" rather than concentrate on restoring your files?
Restoring your files will be much easier than doing those operations so stop thinking about it.
what about trick the hacker with double spend or unconfirmed transaction?

can i make a transaction who never confirmed or  canceled later or un-confirmed transaction ?

any way to sign a transaction with an amount I don't have it in my wallet
In general, look for a solution at the nearest computer specialist.
Do not pay to anyone before asking him to use an escrow service.

Tallay
Newbie
*
Offline Offline

Activity: 54
Merit: 0


View Profile
September 12, 2018, 06:46:23 PM
 #16

Do they actually have the decryption key, or they just already have cleaned your drive? So don’t give the money without being sure. There are many ways to take back the encryption by reverse engineering which will be less costly.
SDRebel
Hero Member
*****
Offline Offline

Activity: 550
Merit: 501


View Profile
September 13, 2018, 06:56:30 AM
 #17

the issue it contain the pharmacy data (customers,bills) we are now out of bussness Sad

That's surprising these kinds of data needs protection what kind or brand of anti virus are you using and tell us the details on how did this things happen, that kind of malware are now detectable now because they are exposed and anti malwares now have a features that can detect that

at least can you help me to try and mix it with social engineer ?

any way to sign a transaction with an amount i don't have it in my wallet

bitcoin is built to not do exactly what you want to do. No, what you want to do is not possible and that is the idea of bitcoin
e.g. you can't charge back and you can't fake a transaction" - which is what you want to do even though you are not using those words
GreotDollyce
Newbie
*
Offline Offline

Activity: 95
Merit: 0


View Profile
September 16, 2018, 01:35:08 PM
 #18

It will be better if you do not follow the instructions that are given to you by the hackers. Because the chances are high that they are just planning to extract money from you without fulfilling their end of the bargain.
aleksej996
Sr. Member
****
Offline Offline

Activity: 406
Merit: 299


Do not trust the government


View Profile WWW
September 16, 2018, 02:21:57 PM
 #19

A lot of people here will instruct you to not pay the ransom.
I disagree, if you don't have a choice. If the data is worth to you more than double the amount that you will pay for example, you might want to risk it and pay the ransom.

In future please be more careful and for god's sake, don't run Windows on important systems.
Especially not outdated versions like Windows XP.

Best you can do is inform yourself more about the specific ransomware that you got infected with and inform us so we can try to help you.
Do not come here expecting that you will get out of this without paying for your mistake.

░░░░░░░▄▄▄▄▄▄
░░░░▄██████████▄
░░░██████████████
░░██████▐▌██████
█████░░░░░░░▀█████
██████▄▄░░▄▄░░██████
████████░░▀▀▄██████
████████░░▄▄▄░░█████
██████▀▀░░▀▀▀░░█████
█████░░░░░░░░█████
░░██████▐▌██████
░░░██████████████
░░░░▀██████████▀
░░░░░░░▀▀▀▀▀▀
░░░

                   BitCloak Bitcoin Mixer  
  BTC & BCH | API| MULTIADDRESS| PGP PROOF|  FAST MIX |  ESCROW|  MORE !

░░░░░░░▄▄▄▄▄▄
░░░░▄██████████▄
░░░██████████████
░░██████▐▌██████
█████░░░░░░░▀█████
██████▄▄░░▄▄░░██████
████████░░▀▀▄██████
████████░░▄▄▄░░█████
██████▀▀░░▀▀▀░░█████
█████░░░░░░░░█████
░░██████▐▌██████
░░░██████████████
░░░░▀██████████▀
░░░░░░░▀▀▀▀▀▀
░░░

seoincorporation
Legendary
*
Offline Offline

Activity: 1106
Merit: 1144


BtcBoss


View Profile
September 16, 2018, 03:23:59 PM
 #20

what about trick the hacker with double spend or unconfirmed transaction ?

That will not work, because to make a double spend you need to send other transaction with the same inputs before the other one confirm, for the next block one of them will confirm and the other one will be tagged as double spend. For sure the software should wait for a confirmation, if it's a double spend it never will get that confirm. The ransomeware you describe sound like the wanna cry, maybe with the microsoft patch you can fix the problem   

https://answers.microsoft.com/en-us/windows/forum/windows_10-security-winpc/wanna-cry-ransomware-update-5212017-fix/5afdb045-8f36-4f55-a992-53398d21ed07

At end if your only option is to pay them, remember that your information has been already compromised, nothing warrant you they will not keep a copy. So, good luck, if some day you want to avoid that kind of ransomware here is the final solution: https://www.ubuntu.com/download/desktop  Wink

.BitDice.               ▄▄███▄▄
           ▄▄██▀▀ ▄ ▀▀██▄▄
      ▄▄█ ▀▀  ▄▄█████▄▄  ▀▀ █▄▄
  ▄▄██▀▀     ▀▀ █████ ▀▀     ▀▀██▄▄
██▀▀ ▄▄██▀      ▀███▀      ▀██▄▄ ▀▀██
██  ████▄▄       ███       ▄▄████  ██
██  █▀▀████▄▄  ▄█████▄  ▄▄████▀▀█  ██
██  ▀     ▀▀▀███████████▀▀▀     ▀  ██
             ███████████
██  ▄     ▄▄▄███████████▄▄▄     ▄  ██
██  █▄▄████▀▀  ▀█████▀  ▀▀████▄▄█  ██
██  ████▀▀       ███       ▀▀████  ██
██▄▄ ▀▀██▄      ▄███▄      ▄██▀▀ ▄▄██
  ▀▀██▄▄     ▄▄ █████ ▄▄     ▄▄██▀▀
      ▀▀█ ▄▄  ▀▀█████▀▀  ▄▄ █▀▀
           ▀▀██▄▄ ▀ ▄▄██▀▀
               ▀▀███▀▀
        ▄▄███████▄▄
     ▄███████████████▄
    ████▀▀       ▀▀████
   ████▀           ▀████
   ████             ████
   ████ ▄▄▄▄▄▄▄▄▄▄▄ ████
▄█████████████████████████▄
██████████▀▀▀▀▀▀▀██████████
████                   ████
████                   ████
████                   ████
████                   ████
████                   ████
████▄                 ▄████
████████▄▄▄     ▄▄▄████████
  ▀▀▀█████████████████▀▀▀
        ▀▀▀█████▀▀▀
▄▄████████████████████████████████▄▄
██████████████████████████████████████
█████                            █████
█████                            █████
█████                            █████
█████                            █████
█████                     ▄▄▄▄▄▄▄▄▄▄
█████                   ▄█▀▀▀▀▀▀▀▀▀▀█▄
█████                   ██          ██
█████                   ██          ██
█████                   ██          ██
██████████████████▀▀███ ██          ██
 ████████████████▄  ▄██ ██          ██
   ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ██          ██
             ██████████ ██          ██
           ▄███████████ ██████▀▀██████
          █████████████  ▀████▄▄████▀
[/]
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!