Archiving this, which was posted on Pastebin on June 3 by YDKLIJNSMA (Yonathan Klijnsma, 0x3a)
Dear users,
Just one month ago, in one instant, all what I’ve studied for months fused in one brilliant idea, which was then named Tox. I knew it was something new, something that was completely different from what was already there. I started designing the whole thing in my mind, then I started coding, reading documentations, testing software.
After two weeks of non-stop hard work, the platform was online.
A little more than a week ago, I started posting links around the deep web, in the hope somebody would have given Tox a try.
Things exploded.
Even before the website was ready to host users, the McAfee blog was featuring the article about this platform. The the number of the users started growing. From 20 to 50, from 50 to 100, it was doubling every day. Infections, with a little delay, started growing too.
In just one week, the platform counted over one thousand users and over one thousand infections, with an average of more than two hundreds of polling viruses per half-hour.
Yesterday, 2nd June 2015, I decided to quit.
Plan A was to stay quiet and hidden. Well, I think I screwed up.
It’s been funny, I felt alive, more than ever, but I don’t want to be a criminal.
The situation is also getting too hot for me to handle, and (sorry to ruin your expectations) I’m not a team of hard core hackers.
I’m just a teenager student.
Some have said I think out of the box, others said I’m a skid who just developed the worst ransomware ever. I think that both opinions may be true, but one thing is objectively true: with Tox, I opened a door for a whole new way of thinking. I’m sure that others will try to replicate what I did. Not just for bad reasons, maybe somebody (maybe myself?) will find out how to do something good based on all this.
One last thing: if I really was a team of hard core hackers, with time and resources, this would have become one the greatest viruses ever.
In these days, in the chat, people helped me testing and debugging the virus, but the most interesting part is that they suggested me how to improve it. I don’t think that such a great brainstorming has ever happened in the process of designing a virus. Users were spurred to help me improving the platform, for their own good.
What’s next? I’m selling all this out because even if I didn’t, somebody would have developed his own Tox-like version.
I’m asking my users to be patient, I’m not going to scam you. In a few days I’ll ask you a bitcoin address in the case somebody pays some of your ransoms. I’ll forward you your part.
If nobody’s going to buy the database, in one month I’m releasing the keys, and victims will have their files automatically unlocked.
My choices are not linked to the recent external events, I pondered all these choices on my own, for my own good.
Sincerily, Tox
PS: This is my personal PGP key
—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v1
mQENBFVuztQBCADFGDuc8hnRM48cWswjYKW2qqpoSr7edULNN6X+6x9DZRMVbkoG
QkKv5A4P/BCszHmWnbZCZ2kqwKXS8PPiXbJ3AoS6SJaLRsX0n/v4kAlFQsg9fXd1
WIqH0sp0U+zDwpWSL9A8g0z+c+BJ2XPLg7zYSyLMNGzAxXgU7V1AxecJEUr80bTs
QmfmgoY/JaCBRFTr5Jf2ttm/dAwCdxTDG0l0LMJ3Byz/HYGL3bDR5Aw8S56p2qh0
dd/b8OuDtB5OzpCvOy3R07H8URwuLS6YpKS0D51j07CzM6m2V+u+HtBChxH3RixG
gD6UwTKmp7iTsSxdHiijphqwbe+2bGd80MqbABEBAAG0HVRveCBGb3VuZGVyIDx0
b3hAc2lnYWludC5vcmc+iQE4BBMBAgAiBQJVbs7UAhsDBgsJCAcDAgYVCAIJCgsE
FgIDAQIeAQIXgAAKCRCCFaztCrd31J1IB/9NH4u3apAwZnpExcclt6A2+nETu16X
XmzRynyUYyw6MrwGc9ssNs1WAW5yDSeEQ4nY7rTczmxZe2UEhgQhBWPfxiUFsdEm
yDQkdt2REiajcHVkOxI72/Sprck/YWogS2SIERPmh/eJGejg9dGBeBiS3cfjoTOv
+xldjwanALmFlOJ/blJaOXTrkc3bQLt+kiViuo2Egu7qPxXiQ0LaaNNlso7kYalp
iRkIM+4OFTw3hqM3ny9k9lWz2WSxtxb6ySRBoz4fZglsoyzlfe0pkuPfPYBt1AX8
DETxoZcla3ZLsJlrAqEEvwEbva5y1t37RrcapiKe93Q6LaEYLj85Y+IJuQENBFVu
ztQBCADSHnxlFmUG25FtDc+epWJiwuxObtRIzAjJ3a+UiwJYYlPnTgm6RVfoCJhi
gZ1vFMDpKKIjzQa1VW0THRsJoFFZIiiqHArKIoNKkSdR9DX2XxxtkWPKH1xyHokG
hjfhZPU7AY1W/rLpn3cEsl5sBLBzcBWXTyYd1771dBGuC8keIWL+CNhH9Q00UiMY
kLgKy24VcLH3M9nswx7zqjaBX7YxzChqya6MoPC+HNGio1UjzD5vYuqHl2a7q8tU
RwuoAlk1k4sO9t7NyDOzZ6XaIWQu34j1rZm1m4RnJ+BkPHMgQkAcvGAOioUPt+mH
G6CmMnFccuz2K1yry2E5XXanIvw1ABEBAAGJAR8EGAECAAkFAlVuztQCGwwACgkQ
ghWs7Qq3d9TDXQgAr7Y8HpAOVzc5wM3f4XplQpbXxnAtGQ2X/hStFSR1TKhozjcO
Bjj6OrPwGVnN7MztIrYB8b0W6N0b5o2LCle1bjuLsBAMghtvhd6vsWExmpP1wGB/
UUEn3yxFXb34d98WAtj/ei+b9i3DdpRgGmnUwcvR91WWeK1yRdT9mChTIFa3EDNM
NfDbQSsM79upQOM2Juccfw4weB4sOSOUbdcbhI4Mqx+QuvfZqNTWEDKutFbeVlmK
bnuj36YOeg4ohTlyF0pMnF6kJoPX/ATqA3dSIjvMAzBJ1sHO+BqbjU1qiDLXsG38
M6z6lUJGrefCduEfj5mYQydbm3GpJGAUkTcGKA==
=XHzO
—–END PGP PUBLIC KEY BLOCK—–