Ransomware is a type of malware that encrypts the victim's hard drive cryptographically until he pays a ransom. It's a very popular method among cybercriminals. This tactic has been so successful that some ransomware makers have begun to sabotage the ransomware of others in their attempts to prevent competition.
At the beginning of this week, 3.500 keys were leaked to the internet for one item ransomware known as "Chimera", which supposedly allows Chimera victims to securely decrypt their files without having to pay a ransom in bitcoins. The decryption keys were apparently released by the makers of the rival ransomware package called "Petya & Mischa", which I claimedthat they violated the Chimera development system, seized the keys and pieces of the code.
Chimera is a particularly unpleasant kind of ransomware that locks not only a victim's hard disk but threatens to leak their secret files online if the ransom is not paid. It is not yet clear whether the leaked keys will actually work and decipher the locked machines that have been affected by the malicious software, but Malwarebytes, who first noticed the leakage, says it will take some time to check.
In any case, the developers of Petya & Mischa seem to have shared these keys to "promote" their own ransomware, which is based on the stolen Chimera code now is offered as a service in Tor, to those cyber criminals wanting to earn some bitcoins out of it.
It seems that some kind of noxious war has begun among the criminals. Earlier, ransomware developers have said they are outraged by a recent fake ransomware, which displays frightening messages, but does not actually unlock the victim's hard drive when he pays a ransom. The rationale of criminals is that fake ransomware could make people believe that they can not get their files back if they hit a real ransomware, endangering future profits.
Follow us on Google News