It is, at least, false advertising. Given that this person does not actually decrypt anything, it is useless against any version of ransomware where the ransom doesn't help (quite a few of them). In addition, it is unethical to find the actual cost and then to multiply that by 10; that's not what an honest or ethical broker would do. While a broker that was up front about being a broker and what the fee would be would be doing so ethically, it's also a pointless thing and a very bad idea.