A new ransomware called DeathRansom began with a rocky start, but has now resolved it’s issues and has begun to infect victims and encrypt their data. When DeathRansom was first being distributed, it pretended to encrypt files, but researchers and users found that they could just remove the appended .wctc extension and the files would become usable again. Starting around November 20th, though, something changed.
Source: Bleeping Computer