When ransomware authors compete on the black market, sometimes victims benefit. This time we got access to private keys of the Chimera ransomware. They have been leaked online and shared by another cybercriminal – known for being the author of Petya.
The person under the handle JanusSecretary, made a public announcement on Twitter today:
However, as we can conclude from his message, he is not its author but rather a Chimera team’s competitor. That’s why he decided to share the private keys of their product, allowing some of the victims to recover their encrypted files. You can find the mirror of the dump here.
Checking if the keys are authentic and writing a decryptor will take some time – but if you are a victim of Chimera, please don’t delete your encrypted files, because there is a hope that soon you can get your data back.
Appendix
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.