Eri Wilde's Japonaiserie

I have a video on YouTube talking in English about recovering from this ransomware deadbolt attack, and there were a lot of posts made in the comments section of that video. I have blocked them now, but most of them were posts by bots advertising hackers who promised to recover files which were encrypted by ransomwares. I was trying to support a Japanese consulter whose ransom note couldn’t be restored. He didn’t know the bitcoin address to transfer the ransom to. I couldn’t help asking this hacker to help us. Then the hacker deceived me into believing that the decryption key would be obtained by having OP_RETURN output to the blockchain in the same way as when paying the ransom, but at a lower price than the ransom. However, there was one thing I was not convinced of. That was, how could they write out the decryption key to OP_RETURN without the ransom note, which has bitcoin address? My understanding was that the bitcoin address assigned to each NAS and the decryption k...

Deadbolt Out of the Blue Slightly after my father went back home from work on May 13, his QNAP NAS server at his company was attacked by Deadbolt Ransomware. He noticed the extensions of all the files on the server were turned into .deadbolt next morning. Because it was Saturday morning, his securiy management company was not operating, so he gave me a call. He asked me to come to check it up and fix it.  Then I thought his vendor should take care of the incident because I was not in charge of the security management of the server any longer. So I asked him to wait for their support. Next week, the person in charge of my father's server from the vendor visited his company and explained how they could recover the files. He told us the server had been set up so that backup files would be made when they were stored at the same time, and they would be able to restore the files from the backup. My father made them take the server to their place then. It took them quite a few days to est...