Chimera is a cryptographic virus that encrypts files stored on the infected system. It is distributed through bogus job applications, business offers, and infectious email attachments. Once it has encrypted the files, Chimera appends the .crypt extension to each of them. After the infected computer restarts, Chimera changes the desktop background to an image containing a message informing users that they have to pay a ransom to receive the key required to decrypt the files.

The user is informed that they must pay a sum of 2.45267544 Bitcoins; otherwise, their personal files will be published on the internet together with the user's name. In addition, the data will remain encrypted. Unfortunately, at the time of the analysis, there was no tool capable of decrypting these files. Therefore, the only way to solve this problem is to restore your files from a backup. Note that by paying the required ransom, you are simply sending your money to cyber criminals, thereby supporting their malicious business model. On top of that, you can never know for sure that your files will be decrypted. For these reasons, you should never attempt to contact the Chimera developers or pay the ransom.

Like most varieties of ransomware, it all starts with a spear-phishing attack. This cyber mob sends email campaigns targeting specific employees with job offers or business proposals, with "more info" offered in a link to a malicious payload hosted on Dropbox. Once the Dropbox link is clicked, an automatic download of the Trojan is triggered, which immediately begins encrypting data on local and connected network drives. Encrypted files are given the .crypt extension. After the user restarts the computer and logs back in, the ransom note takes over the desktop.

Although this threat can be a problem, there are now tools capable of eliminating Chimera, one of which is Malwarebytes Anti-Malware. If you also have a backup, it will help you return everything to normal. Remember that no amount of caution is too much when dealing with these threats.
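Since restoring from backup is the recovery path described above, it helps to know exactly which files were hit and when the encryption started. The following script is an added example, not part of the original article: it walks a directory tree, lists the files carrying the .crypt suffix per directory, and reports the oldest one so you can pick a backup from before that time. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile
from collections import defaultdict
from datetime import datetime, timezone

ENCRYPTED_SUFFIX = ".crypt"  # extension the article says Chimera appends


def inventory_encrypted(root):
    """Summarise .crypt files under root, grouped by directory."""
    per_dir = defaultdict(lambda: {"files": [], "bytes": 0})
    earliest = None
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            if not name.lower().endswith(ENCRYPTED_SUFFIX):
                continue
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)
            except OSError:
                continue  # unreadable or vanished file: skip it
            entry = per_dir[os.path.relpath(dirpath, root)]
            # Original name = what to look for in the backup set.
            entry["files"].append(name[: -len(ENCRYPTED_SUFFIX)])
            entry["bytes"] += st.st_size
            # Assumption: mtime reflects when the encrypted copy was written.
            if earliest is None or st.st_mtime < earliest:
                earliest = st.st_mtime
    return dict(per_dir), earliest


def build_sample_tree(root):
    """Constructed sample data: two encrypted files, one untouched file."""
    os.makedirs(os.path.join(root, "docs"))
    for rel, mtime in (("docs/report.docx.crypt", 1_600_000_000),
                       ("budget.xlsx.crypt", 1_600_000_300),
                       ("docs/notes.txt", 1_500_000_000)):
        path = os.path.join(root, rel)
        with open(path, "wb") as fh:
            fh.write(b"x" * 16)
        os.utime(path, (mtime, mtime))


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        summary, first = inventory_encrypted(tmp)
        for directory, info in sorted(summary.items()):
            print(directory, info["files"], info["bytes"], "bytes")
        print("first encrypted file (UTC):", datetime.fromtimestamp(first, timezone.utc))
```

Run it against each local and mapped network drive, since the article notes that both are encrypted. A .crypt suffix on its own does not prove that Chimera produced the file, so treat the inventory as a scoping aid.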
