Click to Skip Ad
Closing in...

Dangerous ransomware threatens to expose your private files online if you don’t pay up

Published Nov 6th, 2015 9:25AM EST
Chimera Ransomware Expose Files Online

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

We’ve seen ransomware stories popping up left and right this year, detailing how hackers are making money from a scary, yet creative, type of malware. Just as the name of this attack suggests, ransomware encrypts personal files on a computer, demanding a ransom in order to release them back to users. Victims have to pay up a fee and hope that the hackers decrypt their data instead of simply taking the money and running. Sure, you can always refuse to pay the ransom, and you can try to use one of the publicly available tools that can decrypt your files (Microsoft has one too), but hackers have now devised a new method to convince you to pay up: They’ll expose your files online if you don’t.

DON’T MISS: The first thing everyone needs to do with a new iPhone 6s

According to ComputerWorld, there’s a new ransomware program called Chimera, documented by the Anti-Botnet Advisory Centre, whose creators will threaten victims in such a manner.

The attackers apparently target businesses, tricking certain employees with fake job applications or business offers. The emails contain links to malicious files hosted on Dropbox that will infect the user’s computer. Once that happens, Chimera encrypts local data and on reboot, it’ll ask the user to pay around €630 or $685 in Bitcoin to obtain the decryption key.

In the ransom note, Chimera hackers say that if they’re not paid they’ll publish the user’s files on the Internet. So far, there’s no evidence that any personal data was actually released online, however – but perhaps those affected have simply paid the ransom. Also, it’s not clear whether the malware steals any data from the infected computer before or after encrypting it.

ComputerWorld says that hackers typically don’t upload personal data to a command-and-control server, because said data would require a lot of storage space even if hackers only restrict the theft to certain file types (like pictures). But that doesn’t make this sort of attack any less dangerous.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.