BushidoUK · January 15, 2025 00:05
diff --git a/CACTUS_RULES.txt b/CACTUS_RULES.txt
 Rules

 WHAT'S REALLY GOING ON?

 - We completed a security audit of your network, conducted a thorough investigation, downloaded all confidential, private, proprietary, legal, financial, compromising information of you, your customers and employees, including databases and all documents of value to you and your customers to show insecurity of your infrastructure. 
 - Encrypted your data with a very strong AES+RSA algorithm, making it impossible to view or use by anyone but us. 
 - Deleted all backups. 
 - We have compiled a security report and are waiting for your payment for our services to recover and protect your sensitive information from exposure.

 - How can I get my organization back to normal operations and avoid long-term losses due to sensitive data leakage and loss of access to encrypted files forever? 
 When a network security audit is complete, and you receive a notification, you will have 3 days to contact us. If a constructive dialogue starts and we come to an agreement, encrypted files will be recovered, exfiltrated data will be securely deleted and no one will ever know about this incident.

 1.  Beginning of negotiations:
 1.1 Contact us using the contact details left in the notes inside your network.
 1.2 In the first message, send the name of your domain and names of 3 random servers from your network, confirming that you are a representative of a company.
 1.3 At your request, we can provide you a new login and password to enter the private dialogue, which is sure no one will see except you and us. For example, third parties who may read the note, for some unforeseen reasons.

 2. Test of the decryption software:
 2.1 You may send 3-5 files for decryption test.
 2.2 We decrypt them and send them back to you, thus proving our technical ability to decrypt your network. Test files must not contain important information.

 3. Exfiltrated data:
 3.1 We provide you with a list of the exfiltrated files
 3.2 You can select 5 files from the list that do not contain any important information, we will send them to you as a proof.

 4. Payment for security audit of your network:
 4.1 We only accept payment in cryptocurrency.
 4.2 We provide you with a cryptocurrency wallet for payment. 
 4.3 To buy cryptocurrency, you can contact a crypto broker or crypto exchange service.
 4.4 After receipt of funds on our account, the transaction is considered complete and we fulfill all our obligations to you in full.

 5. Our obligations after payment:
 5.1 Within 24 hours of receiving payment we will start the process of deleting your data. 
 5.2 If you need your data back, we can give it to you, please let us know in advance before payment.
 5.3 We will send you the decryption software for Windows\Linux\ESXi with detailed instructions.
 5.4 You decrypt your systems and get back to normal operation.
 5.5 We provide a log of your deletion on our encrypted storage.
 5.6 We provide you with a security report on the incident and give you our recommendations.

 5.7 We will never conduct a security audit of your network again. 

 6. Time of validity of our offer and consequences of payment refusal:
 6.1 The deadline for agreement on the payment date is 14 days.
 6.2 If the payment amount and date is not agreed upon after 14 days, we will publish the fact of compromise of your network on our website.
 6.3 If the situation is not changed within 5 days, we notify your partners, competitors and customers and then publish your data in full.
 6.4 It is highly likely that you will be sued by individuals and companies for information leaks and breach of contracts, your current deals will be terminated. 
 6.5 Journalists, researchers, etc. will dig through your documents, finding inconsistencies or irregularities.
 6.6 Your organization will lose reputation, stocks will drop in value, and some organizations will be forced to close.
 6.7 Bad guys will use your data to commit illegal acts.
 6.8 Long-term losses are significantly higher than the fees for our services.

 7. How can I trust you? Who you are?
 7.1 We are a Direct Security Audit Agency (DSAA) revolutionizing a customer journey, one hyper-targeted solution at a time. 
 7.2 Using a strategic approach, data and technology, we maximize measurable ROI with the flawless execution our clients count on.
 7.3 We take care about our reputation and follow the rules presented here.
 7.4 We are not an affiliate program (RaaS), this guarantees the secrecy of transactions, there are no third parties who choose to do otherwise.

 8. Price formation and possible discounts.
 8.1 All clients receive a reasonable price, we study income, expenses, documents, reports and more before setting the price. 
 8.2 The price is objective and non-negotiable.
 8.3 Payment is accepted in cryptocurrency: Monero (XMR), Bitcoin (BTC). Price in BTC is 5% higher.
 8.4 You can receive a 15% discount if you make payment within 14 days of your first request.
 8.5 If you stall and bring a situation to the first publication, then no discounts is made.

 9. Our experience and recommendations to you
 9.1 Do not contact the FBI, police, or other government agencies. They don't care about your organization, they won't let you make a deal with us, which will lead to the disclosure of your data, followed by courts, lawsuits, and fines.
 9.2 Don't tell anyone about the attack because it could lead to rumors and information leaks, resulting in reputational damage. Remember that your organization is only valuable to you.
 9.3 Do not contact recovery companies, technically they cannot help, negotiate on your own, avoid middlemen who want to make money from you. If you need technical support involve your IT department.
	Rules

	WHAT'S REALLY GOING ON?

	- We completed a security audit of your network, conducted a thorough investigation, downloaded all confidential, private, proprietary, legal, financial, compromising information of you, your customers and employees, including databases and all documents of value to you and your customers to show insecurity of your infrastructure.
	- Encrypted your data with a very strong AES+RSA algorithm, making it impossible to view or use by anyone but us.
	- Deleted all backups.
	- We have compiled a security report and are waiting for your payment for our services to recover and protect your sensitive information from exposure.

	- How can I get my organization back to normal operations and avoid long-term losses due to sensitive data leakage and loss of access to encrypted files forever?
	When a network security audit is complete, and you receive a notification, you will have 3 days to contact us. If a constructive dialogue starts and we come to an agreement, encrypted files will be recovered, exfiltrated data will be securely deleted and no one will ever know about this incident.

	1. Beginning of negotiations:
	1.1 Contact us using the contact details left in the notes inside your network.
	1.2 In the first message, send the name of your domain and names of 3 random servers from your network, confirming that you are a representative of a company.
	1.3 At your request, we can provide you a new login and password to enter the private dialogue, which is sure no one will see except you and us. For example, third parties who may read the note, for some unforeseen reasons.

	2. Test of the decryption software:
	2.1 You may send 3-5 files for decryption test.
	2.2 We decrypt them and send them back to you, thus proving our technical ability to decrypt your network. Test files must not contain important information.

	3. Exfiltrated data:
	3.1 We provide you with a list of the exfiltrated files
	3.2 You can select 5 files from the list that do not contain any important information, we will send them to you as a proof.

	4. Payment for security audit of your network:
	4.1 We only accept payment in cryptocurrency.
	4.2 We provide you with a cryptocurrency wallet for payment.
	4.3 To buy cryptocurrency, you can contact a crypto broker or crypto exchange service.
	4.4 After receipt of funds on our account, the transaction is considered complete and we fulfill all our obligations to you in full.

	5. Our obligations after payment:
	5.1 Within 24 hours of receiving payment we will start the process of deleting your data.
	5.2 If you need your data back, we can give it to you, please let us know in advance before payment.
	5.3 We will send you the decryption software for Windows\Linux\ESXi with detailed instructions.
	5.4 You decrypt your systems and get back to normal operation.
	5.5 We provide a log of your deletion on our encrypted storage.
	5.6 We provide you with a security report on the incident and give you our recommendations.

	5.7 We will never conduct a security audit of your network again.

	6. Time of validity of our offer and consequences of payment refusal:
	6.1 The deadline for agreement on the payment date is 14 days.
	6.2 If the payment amount and date is not agreed upon after 14 days, we will publish the fact of compromise of your network on our website.
	6.3 If the situation is not changed within 5 days, we notify your partners, competitors and customers and then publish your data in full.
	6.4 It is highly likely that you will be sued by individuals and companies for information leaks and breach of contracts, your current deals will be terminated.
	6.5 Journalists, researchers, etc. will dig through your documents, finding inconsistencies or irregularities.
	6.6 Your organization will lose reputation, stocks will drop in value, and some organizations will be forced to close.
	6.7 Bad guys will use your data to commit illegal acts.
	6.8 Long-term losses are significantly higher than the fees for our services.

	7. How can I trust you? Who you are?
	7.1 We are a Direct Security Audit Agency (DSAA) revolutionizing a customer journey, one hyper-targeted solution at a time.
	7.2 Using a strategic approach, data and technology, we maximize measurable ROI with the flawless execution our clients count on.
	7.3 We take care about our reputation and follow the rules presented here.
	7.4 We are not an affiliate program (RaaS), this guarantees the secrecy of transactions, there are no third parties who choose to do otherwise.

	8. Price formation and possible discounts.
	8.1 All clients receive a reasonable price, we study income, expenses, documents, reports and more before setting the price.
	8.2 The price is objective and non-negotiable.
	8.3 Payment is accepted in cryptocurrency: Monero (XMR), Bitcoin (BTC). Price in BTC is 5% higher.
	8.4 You can receive a 15% discount if you make payment within 14 days of your first request.
	8.5 If you stall and bring a situation to the first publication, then no discounts is made.

	9. Our experience and recommendations to you
	9.1 Do not contact the FBI, police, or other government agencies. They don't care about your organization, they won't let you make a deal with us, which will lead to the disclosure of your data, followed by courts, lawsuits, and fines.
	9.2 Don't tell anyone about the attack because it could lead to rumors and information leaks, resulting in reputational damage. Remember that your organization is only valuable to you.
	9.3 Do not contact recovery companies, technically they cannot help, negotiate on your own, avoid middlemen who want to make money from you. If you need technical support involve your IT department.