[uep]

If someone were to pay up and receive the attacker's private key, what's to stop them from distributing it to others?

[equivrel]

That's exactly the trick: the attacker doesn't send you their private key, they decrypt (using their private key) the other private key that the ransomware generated on your machine, which is what was used to encrypt the per-file AES keys.

[chinhodado]

To clarify, the files are encrypted with a symmetric key, which even though is "private", is not part of a public-private key pair in asymmetric crypto.

[knome]

The attacker probably just decrypts your locally generated key. I doubt they send along the master key.