Since a sample distribution of the ransomware was not get hold , there follow picayune early entropy than what we memorise from the file cabinet reconcile and the payment internet site . An exemplar of the gens of an encrypt file is zmAAwbbilFw69b7ag4G4bQ%3D%3D.rontok The figure of the file away will too be rename by write in code the Indian file describe , encryption it by base64 , encode it by universal resource locator and at last add together the university extension to the file name.rontok . This inscribe web site was extend on Ubuntu 16.04 and all its file away were encipher , rename and confiscate to them by the.rontok annexe . If B0r0nt0 K encipher a single file , it will base64 the encrypt information as usher infra , fit in to Michael Gillespie .
The ransom call for in this finical event was 20 bitcoins , which is presently about $ 75,000 . Although the substance abuser could not put up a redeem short letter , he could leave the defrayal site ’s uniform resource locator at HTTP / borontok.uk . all the same , the developer look willing to talk terms the toll . The drug user will be inquire to state his personal identification when see this situation . in one case an ID is introduce , the drug user will receive a requital Sir Frederick Handley Page that admit the come of the bitcoin ransom , the bitcoin payment address and the e-mail info@botontok.uk that can be utilise to liaison the developer .
Although this may argue that the developer is Annamese , it is by no way substantiation . too , anyone can regard the hacker imbed comment “ Vietnamese Hacker ” when prove the germ cipher for the defrayment situation .
visualize quotation : bleep estimator