Data Security, Encryption, Incident Response, TDR

Rival cyber-gang leaks private keys of Chimera ransomware

Creators of the rival Petya and Mischa ransomware programmes have leaked the private keys of Chimera ransomware.

 

According to Mischa developers, they gained access to large parts of the system used by Chimera's creators earlier this year and as a result obtained Chimera's source code and integrated some of it into their own project.

 

A person going by the handle of JanusSecretary, known as the author of Petya, tweeted Chimera keys in a bid to stifle ransomware competition.

 

Malwarebytes spotted the leak and reported that Mischa shares some components with Chimera. There is no confirmation that the newly leaked RSA keys actually work to decrypt files affected by Chimera.

 

“Checking if the keys are authentic and writing a decryptor will take some time – but if you are a victim of Chimera, please don't delete your encrypted files, because there is a hope that soon you can get your data back,” Malwarebytes researchers said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.