List of notes

HOW_RETURN_YOUR_DATA_2.TXT

Your files have been stolen and encrypted by Black Lock Ransomware!

Due to a security issue on your network, it was possible for
us to gain administrator access to your device(s). Your data
has been exported to our servers prior to encryption. You can
recover your files and we can delete your files from our
servers. However, This will cost you money in cryptocurrency.
If you chose not to cooperate with us, your files will remain
encrypted forever and they will be published for anyone to
abuse on our dark web blog. Many will advise you not to pay
our fee, but in the end, you will lose more money by ignoring
this attack and getting your files leaked on our dark web blog
like some clowns. Additionally, we will make it our priority
to make it impossible for you to continue conducting business.

This includes, but is not limited to :
- Constantly receiving phone calls and e-mails from us
- Having your business website shut down
- Contacting your clients and letting them know of the security breach
- Employee data being sold on the dark web and eventually used to make purchases or open bank accounts

If you want to pay the fee, follow these steps :

--- Client area (use this site to contact us):
Install Tor Browser here :
https://www.torproject.org/download/

Link for Tor Browser:
Link for Tor Browser: http://4ozbomcjurd64vgeblkoqeqirvawi3dddswriw6qespscmequmqlshyd.onion/[snip]


Start Tor Browser and connect to the Tor network.


Visit our
Blog: http://zdkexsh2e7yihw5uhg5hpsgq3dois2m5je7lzfagij2y6iw5ptl35gyd.onion

When logged into the chat, send us any message to notify us.

We will tell you about the decryption fee and after receiving
payment in cryptocurrency, we will provide you with the following :
- Decryption tool to recover your files
- Deleting your files from our servers
- Information on how we gained access to your network

It is in our best interest to respect our part of the deal, because
our reputation is on the line. After all, we are only here for profit."#, id);
specifically, this part :

```
Additionally, we will make it our priority
to make it impossible for you to continue conducting business.

This includes, but is not limited to :
- Constantly receiving phone calls and e-mails from us
- Having your business website shut down
- Contacting your clients and letting them know of the security breach
- Employee data being sold on the dark web and eventually used to make purchases or open bank accounts
```
The encryption algorithm we used is AES 256 bits, anyone claiming
they can decrypt your files without paying our fee is blatantly lying to you.

HOW_RETURN_YOUR_DATA.TXT

Hello!

Your files have been stolen from your network and encrypted with a strong algorithm. We work for money and are not associated with politics. All you need to do is contact us and pay.

--- Our communication process:

1. You contact us.
1. We send you a list of files that were stolen.
2. We decrypt 1 file to confirm that our decryptor works.
3. We agree on the amount, which must be paid using BTC.
4. We delete your files, we give you a decryptor.
5. We give you a detailed report on how we compromised your company, and recommendations on how to avoid such situations in the future.

--- Client area (use this site to contact us):

Link for Tor Browser: http://26ubgm3vvrjawkdyfhvl2d2nhq77nu3zsagbih4yy2zgau5uv5ivfgyd.onion/[snip]
>>> to begin the recovery process.

* In order to access the site, you will need Tor Browser,
you can download it from this link: https://www.torproject.org/

--- Recommendations:

DO NOT RESET OR SHUTDOWN - files may be damaged.
DO NOT RENAME OR MOVE the encrypted and readme files.
DO NOT DELETE readme files.

--- Important:

If you refuse to pay or do not get in touch with us, we start publishing your files.


Еhe decryptor will be destroyed and the files will be published on our blog.

Blog: http://dataleakypypu7uwblm5kttv726l3iripago6p336xjnbstkjwrlnlid.onion

Sincerely!

README.dcglhCm.txt

Hello!

Your files have been stolen from your network and encrypted with a strong algorithm. We work for money and are not associated with politics. All you need to do is contact us and pay.

--- Our communication process:

1. You contact us.
1. We send you a list of files that were stolen.
2. We decrypt 1 file to confirm that our decryptor works.
3. We agree on the amount, which must be paid using BTC.
4. We delete your files, we give you a decryptor.
5. We give you a detailed report on how we compromised your company, and recommendations on how to avoid such situations in the future.

--- Client area (use this site to contact us):

Link for Tor Browser: http://panelqbinglxczi2gqkwderfvgq6bcv5cbjwxrksjtvr5xv7ozh5wqad.onion/Url=[snip]
>>> to begin the recovery process.

* In order to access the site, you will need Tor Browser,
you can download it from this link: https://www.torproject.org/

--- Recommendations:

DO NOT RESET OR SHUTDOWN - files may be damaged.
DO NOT RENAME OR MOVE the encrypted and readme files.
DO NOT DELETE readme files.

--- Important:
If you refuse to pay or do not get in touch with us, we start publishing your files.
Еhe decryptor will be destroyed and the files will be published on our blog.

Blog: http://zdkexsh2e7yihw5uhg5hpsgq3dois2m5je7lzfagij2y6iw5ptl35gyd.onion/

Sincerely!