What motivation is there for them to hand over the keys (if they exist)?
If they are "going out of business" then failure to honor the agreement is not going to affect any reputation they care about.
A ransomware Trojan gang appears to be moving on, and has offered to sell its remaining decryption keys in bulk for 200 BTC ($103,000, £61,500). Cybercrooks behind the recent SynoLocker Trojan – which targets the network attached storage devices manufactured by Synology – have apparently decided to cash out on their ill-gotten …
Regardless of who is at fault, seems like a small price to pay for a NAS company in order to bail out your clients.
It would certainly leverage a tremendous amount of good will.... At least until you became a target again. Hmm. No wonder we don't *normally* negotiate with terrorists.
The issue is that of those that have not paid yet, nearly all of them simply reformatted their NAS and re-loaded from backups, or decided that their p0rn and pirated movie collections were not worth it, and simply reformatted without backups. As they will never be used, those remaining keys are probably very low value, to either Synology, or the previously infected victims.
Biting the hand that feeds IT © 1998–2021