Copyright © 2019 Arcane Security Solutions ltd.


ALERT: Beware and Prepare for DeathRansom Ransomware

November 26, 2019




Hi Guys,


A new malicious ransomware attack has been released. When it It started out it was not as aggressive as the version that has emerged in the last 6 days and it seems that there may be a new, live distribution of the ransomware on its way. This version locks all of your files and data until you actually pay a ransom.


Starting out the attack only pretended to encrypt a victims data and it was soon discovered that the ransomware only added to the file extension. For example from ‘.doc’ to ‘.doc.wctc’ making it difficult to locate or access on the device. Removing the extension made the files usable again, so an infection was essentially reversible.


Unfortunately, this is no longer the case. This ‘issue’ has now been fixed and the ransomware can now encrypt the data, and all files on the device. In every encrypted file there is a type of ‘ransom note’ called ‘read_me.txt’ with information about how to contact the developer, including a unique ‘LOCK-ID’ that identifies your device.


In some cases devices that were also infected by DeathRansom were also infected by another program called STOP Ransomware which may indicate how the new attack is being distributed. STOP is only delivered through adware bundles and cracks so perhaps this same method is used, however, this is still unknown.


How to protect yourself
As it is not currently known exactly how DeathRansom is being distributed you must protect yourself in as many ways as possible and particularly when your are connected to the internet.


Online Activity - Be careful when your connected.
Malware, of all kinds, needs an internet connection to be delivered, whether through a website or via email etc. (unless someone has physical access to the device which is much less common for this kind of attack). So you should be careful when you are connected, use secure wifi, secure browsers, don’t open emails you don’t trust and don’t click on any links that you don’t trust. Only use reputable websites and if in doubt use Incognitos Website Checker to be sure.


Protect your data, back up to an external hard-drive at best, or back up securely online.
If you are backing up online choose a reputable company, a very strong password and 2 factor authentication. This way if your file are encrypted on your device you can access them somewhere else and all is not lost. We recommend you always have a back up.


Anti Malware Product
Download and use an anti malware product. Choose a reputable company and scan your devices immediately and regularly. While some products may not protect against this newer version of DeathRansom yet, they will soon so ensure that you update the product regularly. Updates are so important to ensure you have the best protection.


Stay protected and keep yourself informed.

Please let me know if you need any help in relation to this.

Max Roberts,

Incognito Privacy Care

 Join our community of over 4 million happy people.


  • Use the Sign Up form below to join our community and we will notify you every time we have a new Privacy Tip. 

  • Please Share this tip with your family and friends and let them know we can help.

  • Install - If you are an Android user why not install Incognito and allow us to keep you safe from commercial spyware. Incognito is easy to use and extremely effective at finding and removing spyware. Just tap the 'Get it on Google Play' button below.

  • If you are happy with Incognito and its service please leave us a Review on the Play Store. 



Share on Facebook
Share on Twitter
Please reload