[dagw]

The ransomware doesn't copy any data off the NAS, it simply encrypts it in place. When you've paid up, they send you the key to unencrypt your data.

[BozeWolf]

"they send you the key"

If they send the key. If I was a criminal, I would minimise contact with the victims.

[dagw]

I gather that historically at least they almost always send the key. At the end of the day they're a business like any other and a few bad reviews will kill their revenue stream. However if they are known to offer fast replies and support, it's a lot easier to convince people to pay up.

[junto]

Seems so ironic:

Bad guys ransom-ware business dependent on good reviews from 'paying customers' whilst processing support requests for 'license keys' in a timely manner.

[pistle]

"Quick response and delivery. Decrypted as listed in the instructions. Would do business again! 5-stars! Best hackers on eHack."

[wyred]

My bad, for not understanding how it works.