Chinz Ransomware
Although the ransomware field continues to be dominated by variants of the infamous STOP Ransomware, there are plenty of other ransomware families that cybercriminals use to craft their own file-lockers. One of the families to be popular in the past year has been the Phobos Ransowmare, and the latest file-encryption Trojan created with it is called the Chinz Ransomware. If you fall victim to this threat, you will notice that many of your files had their extensions changed to '.id[<VICTIM ID>].[yuzhou13@tutanota.com].chinz' – this is the method that the Chinz Ransomware uses to mark the files it locks.
Another noticeable change that this ransomware brings is the introduction of the 'info.txt' and 'info.hta' files in all directories that contain encrypted data. The ransom notes do not mention the exact price of the decryption service that the perpetrators offer, but it does warn users that they can purchase a decryption tool in exchange for Bitcoin. The notes also include the emails yuzhou13@tutanota.com or kaidrake@cock.li that can be used to contact the attackers.
Trying to ask Chinz Ransomware's creators for help is a bad idea because they will not do anything for free. You have no reason to believe that they will assist you after you pay – it is never a good decision to pay money to cybercriminals.
If the Chinz Ransomware has infected your system, you should run an anti-malware service to help clean the infection. After you do this, you can experiment with the most popular data recovery options and tools available for the Stop Ransomware variants.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.