Threat Database Ransomware CovidWorldCry Ransomware

CovidWorldCry Ransomware

By GoldSparrow in Ransomware

The CovidWorldCry Ransomware is a new file-locking Trojan that is being propagated via fraudulent phishing emails. Countless cybercriminals worldwide are using the COVID-19 pandemic to spread online tactics and various malware. As the name indicates, the CovidWorldCry Ransomware is no exception. To propagate the CovidWorldCry Ransomware, the attackers are likely to use phishing emails that contain a bogus attachment, which may be presented as an important document that contains crucial information regarding the Coronavirus pandemic.


When the CovidWorldCry Ransomware infects your PC, it will start scanning your data and locating your files. This threat is likely targeting documents, images, spreadsheets, presentations, archives, audio files, videos, databases and various other filetypes. This will result in most of your files undergoing an encryption process, which will render them unusable. The files locked by the CovidWorldCry Ransomware will get an additional extension appended to their names – ‘.corona-lock.’ For example, a file named ‘purple-lash.jpeg’ will be renamed to ‘purple-lash.jpeg.corona-lock.’

The Ransom Note

To inform the user about the attack that had taken place, the CovidWorldCry Ransomware would drop a ransom note on the infected computer. The ransom note is named ‘README_LOCK.TXT’ and contains the message of the attackers. In the message, the authors of the CovidWorldCry Ransomware state that the user’s files have been locked with a secure encryption algorithm, and the only way to recover the affected data is by paying the ransom fee required. However, the attackers do not make it clear what the ransom fee is. It is likely that it may be calculated on an individual basis, or that the users will only be informed about the sum demanded after they get in touch with the attackers. The ransom note lists all the locked files alongside the contact information of the creators of the CovidWorldCry Ransomware - ‘’

It is not advisable to collaborate with cyber crooks. There is a high chance that you will not receive the decryption tool you need even if you give in and pay the fee requested by the attackers. Remove the CovidWorldCry Ransomware from your computer with the help of an up-to-date, trustworthy anti-malware solution.


Most Viewed