chipsang

Member
  • Content Count

    2
  • Joined

  • Last visited

Community Reputation

0 Neutral

About chipsang

  • Rank
    New Member
  1. Hi GT 500 Good Morning. Thank you for all your efforts and time. I have sent you download link for few sample files. Thank you
  2. Hi Team Emsisoft and members. I want to update some information about "CLOWN" ransomware which might be useful for everyone. I have also put same post in Bleeping computers forum as well. Today I wish to report a incidence related to CLOWN variant. One of my client has contacted email address given in note ( [email protected] ) and asked for help. Reply came with $1500 demand which client refused. In turn opposite person said he has discussed this case with " BOSS" who is agreed for $300 in BTC. Conversation continued for several days and with the hope to get decrypter customer transferred funds in BTC wallet given ( wallet address - 3Mv279iQFVJthDUEaP21aCNWb28nDu im3N) The moment fund transferred language of opposite person changed and he said customer must pay remaining $1000 additionally which client flatly refused. Even after many requests he or she from opposite end did not give decrypter and stopped further communication. Meantime one claiming "software programmer ([email protected]) entered on stage ( claiming she is not having decrtpter and being developer I can decrypt data for $700 ,later after negotiations he came down to $200 ,however client did not pay anything to anyone. I want to alert community to add both email ID's in cheaters list ( pls.ignore if already added) , Do not pay to both of these cheaters as they are not having decrypter. Header analysis of emails is of no use as they must be hiding under VPN. I want to spread this information in as much as forums so that no innocent victim will pay to them. One curious thing I have noted that reply from second person (claiming supclown) has came in persian. That may give us hint this clandestine network might be operating from persian speaking countries. There seems to be one main mafia who hires software programmers and create algoritham , he gives it to a distributor and in turn agents like [email protected] has to pay to distriutors for each case. That means these agents whose email address are given in ransomware note are not having decrypter at all. Attached is snapshot of decrypter provided by cheaters. Also attached is headers of [email protected] Email ID appreaing in note [email protected] other email ID ---- [email protected] Beware all and do not pay to these 2 cheaters and any others too. pls. dpread this information to as much as possible peoples. Attached Files Headers protonmail.ch.txt