Chat – Stéphane De Greef

juin 12, 2025
0

Negotiation chat with different groups

Akira

20230529 – 7 message(s) voir chat
20230606 – 13 message(s) voir chat
20230616 – 80 message(s) voir chat
20230628 – 5 message(s) voir chat
20230707 – 37 message(s) voir chat
20230719 – 4 message(s) voir chat
20230722 – 9 message(s) voir chat
20230727 – 72 message(s) voir chat
20230728 – 5 message(s) voir chat
20230815 – 84 message(s) voir chat
20230929 – 58 message(s) voir chat
20231112 – 58 message(s) voir chat
20231115 – 81 message(s) voir chat
20231209 – 112 message(s) voir chat
20231217 – 67 message(s) voir chat
20231227 – 74 message(s) voir chat
20240127 – 41 message(s) voir chat
20240129 – 70 message(s) voir chat
20240131 – 75 message(s) voir chat
20240201 – 40 message(s) voir chat
20240301 – 43 message(s) voir chat
20240317 – 8 message(s) voir chat
20240329 – 65 message(s) voir chat
20240410 – 16 message(s) voir chat
20240424 – 70 message(s) voir chat
20240509 – 170 message(s) voir chat
20240531 – 55 message(s) voir chat
20240611 – 50 message(s) voir chat
20240618 – 53 message(s) voir chat
20240620 – 7 message(s) voir chat
20240718 – 105 message(s) voir chat
20240719 – 6 message(s) voir chat
20240723 – 43 message(s) voir chat
20240803 – 34 message(s) voir chat
20250104 – 13 message(s) voir chat
20250108 – 10 message(s) voir chat
20250110 – 7 message(s) voir chat
20250112 – 44 message(s) voir chat
20250117 – 70 message(s) voir chat
20250120 – 7 message(s) voir chat
20250121 – 26 message(s) voir chat
20250125 – 9 message(s) voir chat
20250216 – 14 message(s) voir chat
20250217 – 13 message(s) voir chat
20250222 – 72 message(s) voir chat
20250227 – 56 message(s) voir chat
20250306 – 9 message(s) voir chat
20250310 – 24 message(s) voir chat
20250312 – 20 message(s) voir chat
20250313 – 43 message(s) voir chat
20250321 – 25 message(s) voir chat
20250328 – 39 message(s) voir chat
20250330 – 15 message(s) voir chat
20250331 – 6 message(s) voir chat
20250408 – 12 message(s) voir chat
20250417 – 59 message(s) voir chat
20250423 – 65 message(s) voir chat
20250424 – 12 message(s) voir chat
20250425 – 6 message(s) voir chat
20250425b – 15 message(s) voir chat

Avaddon

20210112 – 25 message(s) voir chat
20210324 – 73 message(s) voir chat
20210430 – 103 message(s) voir chat
20210512 – 35 message(s) voir chat
20210518 – 17 message(s) voir chat
20210518_2 – 24 message(s) voir chat
20210518_3 – 103 message(s) voir chat

Avos

20210903 – 86 message(s) voir chat

Babuk

20210203 – 106 message(s) voir chat
20210428 – 44 message(s) voir chat

BlackBasta

20221011 – 50 message(s) voir chat
20221229 – 50 message(s) voir chat
20230410 – 57 message(s) voir chat
20230501 – 50 message(s) voir chat
20240814 – 50 message(s) voir chat

BlackMatter

20210829 – 44 message(s) voir chat
20210907 – 77 message(s) voir chat

Cloak

20230802-2 – 66 message(s) voir chat
20230802 – 54 message(s) voir chat

Conti

20201017 – 78 message(s) voir chat
20201019 – 9 message(s) voir chat
20201109 – 255 message(s) voir chat
20201121 – 6 message(s) voir chat
20201230 – 146 message(s) voir chat
20210107 – 139 message(s) voir chat
20210126 – 9 message(s) voir chat
20210219 – 12 message(s) voir chat
20210305 – 45 message(s) voir chat
20210315 – 49 message(s) voir chat
20210316 – 63 message(s) voir chat
20210426 – 12 message(s) voir chat
20210428 – 13 message(s) voir chat
20210513 – 78 message(s) voir chat
20210517 – 56 message(s) voir chat
20210517_b – 69 message(s) voir chat
20210520 – 101 message(s) voir chat
20210602 – 81 message(s) voir chat
20210611 – 48 message(s) voir chat
20210628 – 34 message(s) voir chat
20210708 – 25 message(s) voir chat
20210715 – 10 message(s) voir chat
20210805 – 47 message(s) voir chat
20210812 – 46 message(s) voir chat
20210820 – 50 message(s) voir chat
20210902 – 43 message(s) voir chat
20210904 – 17 message(s) voir chat
20210923 – 14 message(s) voir chat
20211108 – 32 message(s) voir chat
20211112 – 32 message(s) voir chat
20211205 – 63 message(s) voir chat
20211217 – 27 message(s) voir chat

Darkside

20200811 – 85 message(s) voir chat
20201115 – 243 message(s) voir chat
20210215 – 24 message(s) voir chat
20210413 – 63 message(s) voir chat
20210418 – 10 message(s) voir chat

Dragonforce

058f4b92-ae99-45c7-bf35-5d2d6754b3de – 19 message(s) voir chat
05f724f8-906e-4739-8177-815852cc2c3f – 29 message(s) voir chat
29BBE03074FDBB8D – 10 message(s) voir chat
7A313D13EB6B4E58 – 32 message(s) voir chat
89716D29D2CEE36F – 23 message(s) voir chat
AB0404E049514B50 – 28 message(s) voir chat
BD004D632D87DBA0 – 25 message(s) voir chat
C2A3C7249797F5ED – 66 message(s) voir chat
C42CDF65B97D0E92 – 30 message(s) voir chat
C7CD31EAAF9DE9AC – 71 message(s) voir chat
C8479B30418B331E – 4 message(s) voir chat
D6DDD9B26D7D41DB – 14 message(s) voir chat
FDA8141B6DD392E3 – 10 message(s) voir chat
b8e14e1a-548f-4eec-bd6e-a590126e57c9 – 14 message(s) voir chat

Hive

20211004 – 70 message(s) voir chat
20211005 – 19 message(s) voir chat
20211026 – 46 message(s) voir chat
20211102 – 58 message(s) voir chat
20211113 – 136 message(s) voir chat
20211126 – 4 message(s) voir chat
20211213 – 15 message(s) voir chat
20211220 – 24 message(s) voir chat

Hunters International

20240510 – 29 message(s) voir chat

Mallox

20230427 – 62 message(s) voir chat
20230529 – 29 message(s) voir chat
20230530 – 17 message(s) voir chat

NoEscape

20230911 – 6 message(s) voir chat
20230912 – 4 message(s) voir chat

Pear

20250720 – 42 message(s) voir chat

Qilin

20240429 – 3 message(s) voir chat
20250203 - from @RakeshKrish12 – 36 message(s) voir chat

REvil

20201014 – 72 message(s) voir chat
20201104 – 63 message(s) voir chat
20201126 – 79 message(s) voir chat
20210320 – 13 message(s) voir chat
20210329 – 43 message(s) voir chat
20210331 – 23 message(s) voir chat
20210401 – 78 message(s) voir chat
20210407 – 15 message(s) voir chat
20210413 – 156 message(s) voir chat
20210603 – 63 message(s) voir chat
20210604 – 10 message(s) voir chat
20210609 – 58 message(s) voir chat
20210613 – 132 message(s) voir chat
20210616 – 31 message(s) voir chat
20210617 – 67 message(s) voir chat
20210622 – 52 message(s) voir chat
20210628 – 39 message(s) voir chat
20210630 – 42 message(s) voir chat
20210708 – 28 message(s) voir chat
20210709 – 1 message(s) voir chat

RansomHub

20240810 – 1 message(s) voir chat

Ranzy

20201015 – 36 message(s) voir chat
20210223 – 20 message(s) voir chat

RunSomeWares

20250411 – 27 message(s) voir chat

fog

20240517 – 27 message(s) voir chat
20240729 – 144 message(s) voir chat
20240830 – 73 message(s) voir chat
20240910 – 26 message(s) voir chat
20240927 – 60 message(s) voir chat
20241119 – 3 message(s) voir chat

lockbit3.0

**************************149576 – 17 message(s) voir chat
Leaked2025-ClientID-124 – 55 message(s) voir chat
Leaked2025-ClientID-154 – 137 message(s) voir chat
Leaked2025-ClientID-206 – 4 message(s) voir chat
Leaked2025-ClientID-36 – 55 message(s) voir chat
aguasdoporto_pt – 3 message(s) voir chat
bakkerheftrucks_com – 27 message(s) voir chat
bankbsi_co_id – 27 message(s) voir chat
chsf_fr – 42 message(s) voir chat
colonialgeneral_com – 25 message(s) voir chat
continental_com – 37 message(s) voir chat
datair_com – 106 message(s) voir chat
emunworks_com – 8 message(s) voir chat
entrust_com – 29 message(s) voir chat
gavresorts_com_br – 6 message(s) voir chat
genusplc_com – 34 message(s) voir chat
gocontec_com – 52 message(s) voir chat
guardiananalytics_com – 27 message(s) voir chat
hgc_com_hk – 8 message(s) voir chat
kaycan_com – 94 message(s) voir chat
lapostemobile_fr – 93 message(s) voir chat
millennia_pro – 43 message(s) voir chat
myerspower_com – 99 message(s) voir chat
newbridge_org – 70 message(s) voir chat
nicklaus_com – 43 message(s) voir chat
okcu_edu – 56 message(s) voir chat
omscomponents_it – 66 message(s) voir chat
plasticproductsco_com – 28 message(s) voir chat
porcelanosa-usa_com – 8 message(s) voir chat
preflooring_com – 17 message(s) voir chat
psenergy_com – 25 message(s) voir chat
qsi-q3_de – 20 message(s) voir chat
royalmailgroup_com – 103 message(s) voir chat
samyang_com – 237 message(s) voir chat
scohil_com – 29 message(s) voir chat
sirva_com – 78 message(s) voir chat
software-line_it – 30 message(s) voir chat
tapcocu_org – 215 message(s) voir chat
vitalityhp_net – 73 message(s) voir chat
vsainc_com – 21 message(s) voir chat
wabteccorp_com – 39 message(s) voir chat
wcinet_com – 34 message(s) voir chat

mount-locker

20201016 – 60 message(s) voir chat

trinity

0001 – 2 message(s) voir chat
0002 – 52 message(s) voir chat
0003 – 298 message(s) voir chat
0004 – 170 message(s) voir chat
0005 – 14 message(s) voir chat
0006 – 11 message(s) voir chat
0007 – 36 message(s) voir chat
0008 – 13 message(s) voir chat
0009 – 6 message(s) voir chat
0010 – 8 message(s) voir chat
0011 – 50 message(s) voir chat
0012 – 15 message(s) voir chat
0013 – 32 message(s) voir chat
0014 – 6 message(s) voir chat

Victim 20/08/2021, 23:27:05

Please help us in decrypting the files

Conti 20/08/2021, 23:32:29

We will provide details on how to proceed shorty. 10-15 minutes.

Conti 20/08/2021, 23:48:25

As you already know - your network and all of your data were encrypted by CONTI team. Besides the encryption process we've downloaded a large pack of your internal documents and files that will be published in case our negotiations fail. How it happens can be seen on our website
The recovery price is $980000 (20.02 btc). If you want to make sure we can recover all of your data - you can send us the two files of your choice and we will decrypt them free of charge.
If we reach mutual agreement your will be provided with decryption tool, none of your internal data will be published and you will be provided with security tips on how to avoid further breaches.
We strongly recommend to review our offer in a timely manner.

Victim 22/08/2021, 02:15:37

Are we able to see what is in that larger pack of documents that you took from us? This is a lot of money for us to pay without knowing what we are paying to protect.

Conti 22/08/2021, 02:18:32

Yes, sure. Will upload asap.

Conti 23/08/2021, 00:12:44

listing_[redacted].rar [ 1.8MB ]

Conti 23/08/2021, 00:18:31

[redacted]DATA.zip [ 74.2MB ]

Conti 23/08/2021, 00:34:34

Upon conclusion of the agreement, our price includes
1) Universal decryptor for your network
2) Permanently delete all stolen information + logs of removing
3) Security advisories and report how we infiltrated your system
---
You can choose any 2 files from the listing, we will discard them as proof that the files were really stolen
You can also send 2 files for a free decrypt
HIDE

Conti 23/08/2021, 00:35:09

How quickly do you want to conclude an agreement?

Victim 23/08/2021, 00:35:48

Quickly, but we need some time tomorrow to review what you sent. It's late on a Sunday and no one is here. We'll get you an update tomorrow.

Victim 24/08/2021, 02:03:09

Hello. We have spent the day reviewing and wanted to see if you would be able to accept $228,000 in return for a quick payment tomorrow. We can start looking for bitcoin brokers in the morning if this is acceptable.

Conti 24/08/2021, 02:12:53

No. We can give a small discount for speed
Do you need a decryptor and data deletion?

Victim 24/08/2021, 05:55:35

Yes we need both. We will work to pay quickly. What can you do to help us?

Conti 24/08/2021, 06:01:15

Good
If you pay until the end of the week - Discount% 30
$ 680.000

Victim 24/08/2021, 06:02:48

Ok, it's late here so I will bring this to the team first thing in the morning. Thank you.

Victim 24/08/2021, 18:59:30

Thanks for being patient with us. I had a chance to talk with our finance team after they spoke with our primary bank today. We have the ability to take out a $60,000 loan which we can offer you. This would set us up to be able to pay you $288,000. We would really appreciate it if we can come to some sort of agreement as we have exhausted our options to come up with cash for you. I'm doing all I can here to get approvals and such, but it's just posing to be challenging.

Conti 24/08/2021, 21:53:09

We see what you want to conclude an agreement and can make a small step
$ 630.000

Conti 24/08/2021, 21:53:31

[redacted] - until the end of the week

Victim 24/08/2021, 23:18:45

Thanks. I will get in touch with our finance team and CEO in the morning to see what they are able to find. I know that they had not had positive news with our secondary bank given that someone told them it was for a ransom and they declined our application. Is there any BEST price that we could pay if we agreed on something tomorrow? Right now you are asking for more than double what we can possibly offer you, so maybe there is some benefit if we can pay you fast?

Conti 25/08/2021, 03:54:43

We can make it $500k if we close the deal tomorrow.

Victim 25/08/2021, 04:26:28

Ok let me get the team together in the morning and I will get back to you. Thank you.

Victim 25/08/2021, 16:06:51

Ok, I was able to have a meeting with the finance team and CEO to discuss your proposal. We really appreciate your willingness to come down for us in return for a quick payment. The team had been able to confirm that if paid today, we can offer $330,000. But we would need to know soon because there are some hurdles on our end to try to get a payment out today.

Conti 25/08/2021, 16:09:49

$500.000
today.

Victim 25/08/2021, 16:13:12

We don't have access to $500,000 today, tomorrow, next week, or any time. We are trying to giving you our best offer that we can here, because anything higher is impossible for us to pay you.

Conti 25/08/2021, 17:18:14

Do you remember that we've had access to your network and went through your financial data? We wouldn't ask for anything you are unable to afford.

Victim 25/08/2021, 17:22:29

Yes, but if you saw our expenses you would see that our margins are extremely slim. Our industry relies on being the most affordable option, which means accepting slim margins to get work. Revenue may look good, but when we realize only 2% to 4%, you start to see that we are not extremely profitable

Conti 25/08/2021, 17:26:01

I'll talk to the team anyways, will try to get smth better but not sure if my boss agrees.

Victim 25/08/2021, 17:30:23

Thank you. I know you guys are looking to make money off of us, but we just want to be realistic with you here regarding what we can actually pay.

Conti 25/08/2021, 17:59:48

350k$ today

Victim 25/08/2021, 21:08:15

Okay, we are working on this

Victim 25/08/2021, 22:50:42

Will you be around in about 1-2 hours? We should have the funds sent to you by then

Conti 25/08/2021, 22:52:14

Victim 25/08/2021, 23:28:50

Payment has been sent

Victim 25/08/2021, 23:50:40

Are you there?

Conti 25/08/2021, 23:52:22

yes

Conti 25/08/2021, 23:52:49

We expect confirmations

Conti 26/08/2021, 00:37:18

[redacted]_decryptor.exe [ 103kB ]

Conti 26/08/2021, 00:37:46

Decryptor:
1) Launch the decryptor under Administrative rights
2) Wait till the decryptor window is closed
3) if any of the files haven't changed the extension back to the original - repeat 1 and 2

Victim 26/08/2021, 02:30:51

Thank you, what about the log for removing the stolen information and the security advisories and report? When will we receive those?

Victim 26/08/2021, 20:31:17

Hello?

Conti 26/08/2021, 20:36:46

wait please

Conti 26/08/2021, 20:37:31

- We recommend that you configure restrictions on system actions for ordinary users on all workstations.
- Change passwords every 2 weeks and create more complex
- Install an antivirus on every computer
- Disable lsas dump on all computers
- Monitoring of users on the network 2 times a week
- Restrict access to servers for regular users
- Reduce the number of domain admins
- Set up a more complex data backup system

Conti 27/08/2021, 03:02:06

[redacted].log [ 16.2MB ]

Victim 27/08/2021, 15:09:23

Thank you. Are you able to share the exact computer and method used to access our network?

Victim 27/08/2021, 18:23:16

Why does the deletion log have fewer files than the file tree that you sent earlier? 166,429 files in the listing.txt vs the 149,914 files in [redacted].log

Victim 27/08/2021, 23:47:16