DarkWorld Ransomware
The DarkWorld Ransomware is a new file-encryption Trojan whose creators have implemented additional features on top of a common file-locking mechanism. Apart from encrypting files, the DarkWorld Ransomware also tries to collect specific files and transfer them to the attacker's server prior to their encryption. Usually, this trick is used to make it more likely that the victim will agree to pay a ransom sum because they will have their data published online. DarkWorld Ransomware's creators, however, do not threaten to publish the files of their victim. Instead, it seems that they only try to collect small text documents that may contain sensitive data – the victim is not told that this has happened. The only obvious change that the DarkWorld Ransomware brings is to add the '.dark' suffix to locked files, and to drop the ransom note 'Important.txt.'
Often, threats of this type are spread through corrupted email attachments, but the authors of the DarkWorld Ransomware have opted to go for a less sophisticated approach – the threatening program is disguised as the installer of popular software suites. The fake package may be promoted through deceptive advertisements, or it might be hosted on low-quality torrent trackers and platforms for pirated software.
Surprisingly, the list of file formats that the DarkWorld Ransomware targets is relatively low – it consists of about 30 unique extensions. The attack will still be very damaging, but there is a chance that users might have some of their data spared. Regardless of this, the DarkWorld Ransomware will still lock documents, archives, backups, images, and formats used by various programming languages.
The criminals ask for a ransom payment of $300 via Bitcoin, and they provide a wallet where the money should be sent to. Victims also are given the email darksimo@protonmail.com and told that they can submit up to one file for free decryption.
Paying the ransom sum is a terrible idea because the criminals would be able to collect the money without giving you anything in return easily. It is recommended to run an anti-virus scanner to terminate the DarkWorld Ransomware and then experiment with popular data recovery utilities.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.