Home Malware Programs Ransomware Divsouth Ransomware

Divsouth Ransomware

Posted: January 29, 2021

Unfortunately, falling victim to the Divsouth Ransomware attack may cause potentially irreversible damage to your files. There is no free decryption software that can reverse the damage that the Divsouth Ransomware causes. Its creators claim to own a working decryptor, but they are not giving it away for free – instead, they ask their victims to pay a hefty fee via Bitcoin. The Divsouth Ransomware is a file-encryption Trojan belonging to the MedusaLocker Ransomware family of file-lockers. 

If the Divsouth Ransomware has infected your computer, you will see the extension '.divsouth' added to many of your essential files. The ransomware will encrypt a large variety of file types, therefore ensuring that it will give the victim plenty of reasons to consider paying the ransom fee. The perpetrators' full instructions are stored in the document 'Recovery_Instructions.html' that will be created after the attack.

The contact details of the attackers include a TOR-based payment page, as well as two email addresses - support@welchallym.com and support@bigweatherg.com. You can rest assured that following their instructions and paying the ransom fee is not a guarantee for a positive outcome – you are likely to end up scammed out of your money.

Victims of the Divsouth Ransomware need to use an anti-virus scanner to eliminate the threat. Once the locker has been disposed of, users should proceed to restore their files from a backup or try out other data recovery tools.

Loading...