You are welcome to discuss various security topics with our professional team and other users like you!
Read our Registration Agreement and create your FREE account here!



  • **
  • 68
  • +26/-0
      • View Profile
My files were encrypted with .CRYPT extension!
« on: November 03, 2015, 05:00:42 pm »
If your files were all changed to the .CRYPT extension, we have bad news for you. You have been 'attacked' by a ransomware known as Chimera. It's currently active in Germany, but ransomware authors often like to switch their targets overnight.

Possible reasons for the ransomware intrusion are:
  • Opening corrupted emails posing as official establishments.
  • Exploit kits.

As a result of the infection, a ransom message was displayed to you. It may be written in your language.

This may be because the threat may be able to detect your location. The message usually says that a ransom should be paid via the Tor network. Some Chimera versions were also reported to demand 0.93002414 Bitcoins in exchange for the decryption of the users' files.

A brand new Chimera campaign can extort users in more ways than just asking for bitcoins. The authors may threaten victims to publish their personal files if the demanded amount is not paid within the given deadline. Read more about this particular case here:

Also, make sure to read how to deal with the Chimera malicious piece:
« Last Edit: November 03, 2015, 07:28:07 pm by mcinn »