Home Malware Programs Ransomware DarkWorld Ransomware

DarkWorld Ransomware

Posted: March 1, 2021

The DarkWorld Ransomware is a new file-encryption Trojan whose creators have implemented additional features on top of a common file-locking mechanism. Apart from encrypting files, the DarkWorld Ransomware also tries to collect specific files and transfer them to the attacker's server prior to their encryption. Usually, this trick is used to make it more likely that the victim will agree to pay a ransom sum because they will have their data published online. DarkWorld Ransomware's creators, however, do not threaten to publish the files of their victim. Instead, it seems that they only try to collect small text documents that may contain sensitive data – the victim is not told that this has happened. The only obvious change that the DarkWorld Ransomware brings is to add the '.dark' suffix to locked files, and to drop the ransom note 'Important.txt.'

Often, threats of this type are spread through corrupted email attachments, but the authors of the DarkWorld Ransomware have opted to go for a less sophisticated approach – the threatening program is disguised as the installer of popular software suites. The fake package may be promoted through deceptive advertisements, or it might be hosted on low-quality torrent trackers and platforms for pirated software.

Surprisingly, the list of file formats that the DarkWorld Ransomware targets is relatively low – it consists of about 30 unique extensions. The attack will still be very damaging, but there is a chance that users might have some of their data spared. Regardless of this, the DarkWorld Ransomware will still lock documents, archives, backups, images, and formats used by various programming languages.

The criminals ask for a ransom payment of $300 via Bitcoin, and they provide a wallet where the money should be sent to. Victims also are given the email darksimo@protonmail.com and told that they can submit up to one file for free decryption.

Paying the ransom sum is a terrible idea because the criminals would be able to collect the money without giving you anything in return easily. It is recommended to run an anti-virus scanner to terminate the DarkWorld Ransomware and then experiment with popular data recovery utilities.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to DarkWorld Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.