Skip to main content

New ransomware surprises victims with its affiliate program

A hacker inputting code into a system.
Roll up, roll up, who wants to make some money ruining the prized memories of computer users around the world? You do? Well you’re in luck, as the nefarious individuals behind the ransomware “Chimera,” have placed an advert in their latest creation, offering anyone affected by its software to join its affiliate program and help spread the wondrous destruction of the malware.

In many ways the Chimera ransomware is quite typical. Once a machine is infected, it hunts out potentially important documents, images and files and encrypts them, only offering to give the decryption key if the affected user pays up. It does however go one step further and states that if the user holds out and doesn’t pay, the content may be posted online for all to see.

That sort of threat could be specifically damaging for businesses or those with skeletons in their digital closet.

But it’s the affiliate scheme that really makes this bit of malware stand out. The call for new proliferators of the nasty software is buried in the base of the screen that pops up following infection. Along with a notice that you have been infected with the Chimera Ransomware, a Bitcoin address and a demand for a certain amount of the digital currency, is a small note encouraging anyone interested to check the source code for information on how to join the exciting affiliate team.

Related: Buggy ransomware permanently encrypts files on accident 

Buried in the back end is information that will help you get set up as a ransomware distributor. It even sounds like a good deal, with the creators offering as much as 50 percent commission for anyone that joins up. Of course, you risk detection and arrest if you aren’t careful, and you’d be potentially inflicting horrible stress on those affected. But hey! 50 percent!

According to Trend Micro, this tempting offer may not be worth it, as the chances of detection should you sign up are increased. This particular bit of malware is relatively easy to detect and doesn’t have much in the way of obfuscation to prevent your identity as the originator.

So, no — it’s not a good idea to sign up as a malware affiliate.

Editors' Recommendations