Dehd Ransomware
It seems that cybercriminals are not wasting any time and immediately after the holidays have started unleashing more variants based on the extremely prolific STOP/Djvu Ransomware family. Despite the fact that most of the variants do not exhibit any meaningful changes or improvements, they still being harmful malware threats that can lock users completely from accessing their own files. The new threat named Dehd Ransomware is not an exception.
The Dehd Ransomware uses a strong encryption routine and as a result, can render all of the victim's documents, pictures, photos, databases, archives, etc., unusable entirely. As part of its nefarious activities, the threat also will append '.dehd' to the name of each locked file. Finally, the threat will create a new text file named '_readme.txt' on the compromised systems. The file carries a ransom note with instructions for the affected users.
Ransom Note's Details
The text of the note follows the established STOP/Djvu pattern. It clarifies that the only way to restore the locked data is by paying a ransom to the attackers in exchange for the decryptor tool and the decryption keys in their possession. The price set for the ransom is $980. By messaging the attackers within 72 hours of the Dehd Ransomware infection, users can supposedly reduce the demanded amount by 50% to $490. The ransom note also mentions that the cybercriminals are willing to decrypt a single file for free. Two email addresses under the control of the attackers can be found in the note - 'manager@mailtemp.ch' and 'helprestoremanager@airmail.cc.'
The entire set of instructions left by Dehd ransomware is:
'ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-95xH6iG39u
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
manager@mailtemp.chReserve e-mail address to contact us:
helprestoremanager@airmail.ccYour personal ID:'
