Wacatac Ransomware

Wacatac Ransomware Image

The Wactac Ransomware is a threat that, at first glance, appears to be a file-locking Trojan, but it does not function as a ransomware threat because it lacks the ability to encrypt data. This threat also is known as the DeathRansom Ransomware. Since the Wactac Ransomware is not capable of encrypting your data, you would be able to reverse the damage done to your files easily. When the Wactac Ransomware infiltrates your system and targets your files, it will alter them by adding a ‘.wctc’ extension to their names. This means that a file that you had named ‘awareness.mp3’ will be renamed to ‘awareness.mp3.wctc.’ However, if you want your files to be usable again all you have to do is remove the ‘.wctc’ extension that is at the end of the filenames.

The Ransom Note

The Wactac Ransomware drops a ransom note on the user’s desktop as an attempt to blackmail them. The file that contains the Wactac Ransomware’s ransom note is called ‘read_me.txt.’ In the note, the attackers claim that they have encrypted the victim’s data, and there is only one way of recovering it – paying the ransom fee. They have not mentioned a specific ransom sum. They make it clear that the ransom fee will be demanded in Bitcoin and include instructions on how to obtain the cryptocurrency. There is an email address provided as a means of communicating with the authors of the Wactac Ransomware – ‘death@cumallover.me.’

As we already mentioned, recovering your files is a fairly simple task – simply remove the ‘.wctc’ extension. There is absolutely no reason even to consider paying the ransom fee. Make sure you download and install a reputable anti-malware solution, which will keep your system secure in the future.