Chimera Ransomware - How To Remove?


In Greek mythology, Chimera is a gruesome creature, constructed from parts of three different animals. Visualization of this beast is usually similar: a lion with a head of a goat coming out of its back and a snake instead of a normal tail. Many ransomware viruses are called after similar monstrous creations to indicate danger. However, the fierce competition between ransomware viruses sometimes triggers a sneaky rivalry between such crooks. Of course, such encounters sometimes play out to the benefit of Internet users. This time as well: Chimera ransomware was played by the creators of Petya and Mischa viruses. Just a couple of days ago, these hackers released 3500 decryption keys from Chimera and potentially ended its on-going reign.

About Chimera ransomware

Chimera virus was a teacher for many ransomware around. Ironically, Petya and Mischa are based on this variant. This situation once again proves that you can never trust crooks and that the rivalry between them is growing stronger and stronger. Getting back to the virus at hand, Chimera ransomware has been active since 2015. Security researchers have concluded the most significant traits about this infection. Once its payload is dropped somewhere in your PC, it runs every time you launch your computer system for work. After running a thorough scan, Chimera virus begins to encrypt various types of files. After selected data is ruined, it adds an extension to each corrupted piece of data: .crypt. Then, Chimera virus determines in which language should the ransom note be and displays it for people to see. This ransomware is known to delete the backups that sometimes help to restore files without the private decryption key. To frighten infected victims even more, Chimera went as far as threatening to expose the encrypted files to the public eye. Good news is that security researchers are probably going to construct a file-recovering tool soon.

How to Decrypt the Files Encrypted by Chimera Ransomware?

As we already mentioned, it won’t be long until security researches use the 3500 decryption keys that went viral. For the future, you should store at least the most valuable files in backup storages, keep them in USBs or other places. Chimera ransomware usually demanded a sum of money depending on the amount of the encrypted files. Reports suggest that people were urged to pay the ransom, starting from 0.93002414 Bitcoins. For different victims, fee reached even over 2 Bitcoins (1314.86 US Dollars). Such money should never be transferred to crooks as this money will only them help produce even more ransomware viruses.

Update: the decrypter is now available at here: link. You can download it absolutely for free and successfully decrypt your files.

How is Chimera Ransomware Distributed?

Chimera ransomware is distributed like many other this type of viruses. Its executable is often added to email letters that originate from hackers that try to tempt your fate. Do not open letters from untrustworthy sources as they can contain infectious files. Whatever you do, do not download them or click on the URL that the letter suggests. At some cases, letter might even look like their sender is a legitimate company or even your friend. Get verification from such transmitters if they have indeed sent you such message. Do not be a puppet, easily controlled by crooks, and develop a critical approach while surfing the Internet.

To eliminate Chimera virus, employ Reimage, SpyHunter or Malwarebytes for this task. A manual removal is also possible, but we would recommend to turn to antivirus for help.



About the author

 - Main Editor
I have started in 2007 after wanting to be more or less independent from single security program maker. Since then, we kept working on this site to make internet better and safer place to use.
July 28, 2016 06:41, March 14, 2017 05:05

Leave a Reply

Your email address will not be published. Required fields are marked *