Threat Database Ransomware Ldhy Ransomware

Ldhy Ransomware

Through the examination of malware threats, researchers have uncovered a new ransomware named Ldhy. This threatening software exhibits the ability to encrypt a diverse array of file types. Furthermore, it appends a distinct extension, '.ldhy,' to the filenames during the encryption process. For example, a file originally named '1.jpg' undergoes a transformation into '1.jpg.ldhy,' while '2.pdf' becomes '2.pdf.ldhy,' and so forth. Notably, Ldhy complements its file encryption with the creation of a text file named '_readme.txt,' serving as a ransom note. This note includes contact details and instructions for the victim on how to proceed with the ransom payment.

Researchers have conclusively identified Ldhy as a variant associated with the STOP/Djvu Ransomware family. It is essential to emphasize that threats from the STOP/Djvu family often incorporate additional malicious elements, such as information stealers like Vidar or RedLine, further complicating the potential risks and impact of the attack.

The Ldhy Ransomware Locks Data and Extorts Victims

The ransom note accompanying the Ldhy Ransomware attacks explicitly outlines that a wide range of files, including images, databases, and documents, have been encrypted using a robust algorithm. The only avenue for recovery is deemed possible by acquiring a specialized decrypt tool along with a unique key held exclusively by the attackers. To obtain these tools, the attackers demand a payment of $999, enticing victims with a 50% discount if they initiate contact within a 72-hour window.

In a bid to showcase their decryption capabilities, the cybercriminals offer to decrypt one file free of charge. However, they specify that the provided file should lack valuable information. The contact email addresses provided for initiating communication with the attackers are and

It is strongly advised that victims refrain from engaging in negotiations with ransomware attackers or succumbing to ransom payment demands. The probability of accessing files without payment is either non-existent or highly unlikely. Additionally, victims are urged to promptly remove the ransomware from compromised computers to mitigate the risk of further encryptions and prevent potential spread within a local network.

How to Protect Your Devices and Data from Ransomware Threats?

Protecting devices and data from ransomware threats requires a multi-layered approach to enhance overall cybersecurity. Here are several key practices that users can adopt to safeguard their devices and data:

  • Regular Backups: Frequently back up important data to an external hard drive, cloud service, or another secure location. Ensure the backup process is automated and that multiple versions of files are retained.
  •  Use Reliable Security Software: Install reputable anti-malware software on your devices. Keep security software updated to guarantee protection against the latest threats.
  •  Update Software Regularly: Regularly update operating systems, applications, and security software to patch vulnerabilities. Enable automatic updates whenever possible to ensure timely protection.
  •  Utilize Caution with Email Attachments and Links: Be cautious when opening emails from unknown senders. Accessing suspicious links or downloading attachments from untrusted sources should be avoided.
  •  Educate and Train Users: Educate users on the hazards of phishing emails and social engineering tactics used by cybercriminals. Conduct regular cybersecurity awareness training to empower users with knowledge on identifying potential threats.
  •  Use Strong, Unique Passwords: Create strong, unique passwords for all accounts. The ue of a password manager to securely store and manage complex passwords should be considered.

By incorporating these practices into their cybersecurity strategy, users can significantly enhance their defenses against ransomware infections and minimize the potential impact of an attack on their devices and data.

Victims of the Ldhy Ransomware are left with the following ransom-demanding message:


Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.

You can get and look video overview decrypt tool:

Price of private key and decrypt software is $999.
Discount 50% available if you contact us first 72 hours, that's price for you is $499.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:

Reserve e-mail address to contact us:

Your personal ID:'

Ldhy Ransomware Video

Tip: Turn your sound ON and watch the video in Full Screen mode.

Related Posts


Most Viewed