Reply to post: Red Mosquito - our experience

Biz tells ransomware victims it can decrypt their files... by secretly paying off the crooks and banking a fat margin

Anonymous Coward

Red Mosquito - our experience

Had a business get their server encrypted.

Tried all known decrypt tools (after files submitted for analysis on various a/v sites). None worked.

Then one a/v identified as Dharma/cezar and no decrypt possible without original key.

Found Red Mos & contacted them for decrypt.

Their price was cheaper than criminals wanted, so went with them on no decrypt no fee basis.

They got the decrypt done via TeamLink.

Suspected they were a middleman as mooted on various forums.

We thought more chance of a decrypt by going through them, rather than criminals direct and hassles of doing Bitcoin for the first time, with no guarantee criminals wouldn't just take money and run.

If they were more open about what they were doing would be better as then a known reliable intermediate.

As ever, ensure you & your customer systems patched up to date etc. etc. ...
