A ransomware infection, named by the mythical beast Chimera was spotted by ESG malware researchers to encrypt vital documents, pictures, videos, audio files and other of the computers it infects. The Chimera virus also deletes the backup of those files and asks it’s victims to pay the ransom fee for the files. The payoff amount asked by the Chimera is reported to be around 1 BTC , and the virus also threatens users to publicly publish pictures and videos of the user online. Fortunately, a decryptor has been released for Chimera ransomware by Kaspersky researchers that may decrypt your files. To learn how to work with the decrypter and hopefully, restore your files to a working state.
Chimera Ransomware – Background
This particular string of ransomware code used to infect victims back in 2015 with massive spam campaigns especially via e-mail. The spam messages were reported to possibly have the following types of files as e-mail attachments:
→ .docx, .jpg, .bat, .cmd, .exe, .pdf, .vdi, .txt
Not only this but the attachments may contain legitimate files uploaded along with them all packed together in a .ZIP or .RAR archive to make the process seem legitimate. After opening the malicious files, the ransomware immediately started file encryption.
After encryption, the Chimera ransomware left the following ransom note on infected computers to notify the user that he or she must pay the ransom:
Users were left with no option but to pay the ransom money or wait until a decryptor is released. Thankfully now, there has been an actual release of a decryptor, by Kaspersky researchers who have updated their Rakhni Decrypter to decode files encrypted by Chimera ransomware.
Chimera Ransomware – Removal and Decryption Tutorial
To best give you the instructions, we have decided not to limit you solely to the decryption of this virus. In case your computer is infected with Chimera, you should remove it before decrypting your files. This is why we have separated the process into two phases – removal and decryption. In case you have already removed the virus, you can skip to step two and go directly for the decryption instructions:
Phase 1 – Removal
To remove Chimera ransomware, please follow the below-mentioned removal instructions. In case you are having difficulties In manually removing Chimera, please use the Automatic Removal Instructions.