Threat Database Ransomware Chichi Ransomware

Chichi Ransomware

Infosec researchers have detected a new ransomware threat that aims to cause severe damage to the computers it manages to infect. Named the Chichi Ransowmare, the threat is capable of rendering a wide array of file types completely unusable by encrypting them with an uncrackable cryptographic algorithm. During the encryption process, the threat also modifies the original names of the affected files by appending '.chichi' to them as a new extension. The ransom-demanding message of the threat is delivered as a text file named 'Guide To Recover Your Files.txt.'

Demands Overview

According to the ransom note of the threat, the cybercriminals responsible for unleashing the Chichi Ransomware demand to be paid exactly $300,000. The funds must be transferred to the provided crypto-wallet address using the Bitcoin cryptocurrency. If 72 hours pass without receiving the money, the hackers threaten to release sensitive information collected from the victim, while all encrypted files will no longer be recoverable.

As a demonstration of their ability to unlock the encrypted files, the hackers are willing to decrypt a single file that is less than 512KB in size for free. To establish communication and send the chosen file, victims can contact the five different email addresses found inside the ransom note - 'semenov.akkim@protonmail.com,' 'chichihao@protonmail.com,' 'velbms@rediffmail.com,' 'sonuamit555@rediffmail.com,' and 'smenov@bitmessage.de.'

The full set of instructions dropped by Chichi Ransomware is:

'!!! YOUR NETWORK ENCRYPTED !!!

What happend?

Your computers and servers are encrypted, backups are deleted from your network and copied. We use strong encryption algorithms, so you cannot decrypt your data.

What guarantees?

We guarantee that you can recover all your files safely and easily.
You can decrypt a single file for warranty - we can do it.
Find a *.chichi file on your computer and upload and get the original. (maximum file size - 512Kb)
Chat with support

But if you want to decrypt all your files, you need to pay.
Write to support if you want to buy decryptor.

How to contact us?

Write to email :
semenov.akkim@protonmail.com, chichihao@protonmail.com, velbms@rediffmail.com, sonuamit555@rediffmail.com, smenov@bitmessage.de

How to Pay?

You need pay $300,000
Payment has to be deposited in Bitcoin based on the Bitcoin/USD exchange rate at the moment of payment.
The address you have to make payment is:

Attention!

Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.

You have to deposit payment within 72 hours (3 days) after receiving this message, otherwise, you will lose your files forever and we will start posting your data to the dark web.'

Trending

Most Viewed

Loading...