Threat Database Ransomware Lkhy Ransomware

Lkhy Ransomware

An in-depth analysis of Lkhy has exposed its evil nature as a perilous malware specifically crafted to encrypt the data belonging to its victims. This particular category of malware is commonly known as ransomware. The primary objective of the operators behind such threats is to lock down crucial files on compromised devices and subsequently demand a ransom from the affected users or organizations. The Lkhy Ransomware executes this by altering the names of the affected files, appending the '.lkhy' extension to their original names. For instance, it transforms '1.png' into '1.png.lkhy,' '2.pdf' into '2.pdf.lkhy,' and so forth. Additionally, Lkhy generates a ransom note presented as a text file named '_readme.txt,' which provides payment instructions and contact details.

Moreover, it has been confirmed that Lkhy is a variant of ransomware associated with the STOP/Djvu family. It is crucial to emphasize that the Djvu Ransomware attacks often involve the incorporation of information stealers such as Vidar or RedLine. This underscores the multifaceted and sophisticated nature of Lkhy, posing a severe threat to the security and integrity of the affected systems.

The Victims of the Lkhy Ransomware Are Extorted for Money

The ransom note issued by the Lkhy Ransomware delineates that a broad spectrum of files, including images, databases, and various documents, has undergone encryption using a formidable algorithm. The exclusive pathway to recovering these files lies in obtaining a dedicated decrypt tool along with a unique key. The perpetrators assert a demand for a payment of $999 to grant access to these essential tools, offering a 50% discount as an incentive if the victim responds within a 72-hour timeframe.

Moreover, the cybercriminals present a demonstration of their decryption capabilities by offering to decrypt one file at no cost. However, this offer is contingent upon the submitted file lacking valuable information. The designated email addresses for communication with the attackers are and

Victims are strongly advised to refrain from engaging in negotiations with ransomware attackers or making any ransom payments. Unfortunately, the possibility of accessing the lost files without payment is either unattainable or highly improbable. Additionally, it is imperative for victims to promptly remove the ransomware from compromised computers to mitigate the risk of further encryptions and prevent potential spread within a local network. Taking immediate action is crucial for minimizing the impact of such malicious attacks.

Important Security Measures to Adopt on All Devices

Ensuring the protection of data and devices against ransomware attacks necessitates a comprehensive strategy that incorporates both proactive security measures and heightened user awareness. To effectively safeguard data and devices, users should consider implementing the following essential security measures:

  • Install and Update Anti-malware Software: Employ a robust anti-malware program that can identify and block known ransomware threats. It is crucial to consistently update this security software to keep it abreast of the latest threats.
  •  Enable Firewall Protection: Activate the built-in firewall on your devices to control incoming and outgoing network traffic, thereby blocking potentially unsafe connections that may compromise the system.
  •  Maintain Operating Systems and Software Up to Date: Regularly apply security fixes and updates for operating systems, applications and software. This practice is essential for closing known vulnerabilities that ransomware attackers may exploit to gain unauthorized access.
  •  Exercise Caution with Email Attachments and Links: Maintain vigilance when dealing with email attachments and links, particularly from unfamiliar senders. Try not to access suspicious links and refrain from downloading attachments from sources that are not trusted.
  •  Implement Strong Passwords and Two-Factor Authentication (2FA): Enhance account security by using complex and unique passwords for all accounts, including those for email and online services. Additionally, enable Two-Factor Authentication (2FA) whenever possible to introduce an extra layer of protection.
  •  Regular Data Backups: Create routine backups of critical data and store them on external and secure devices. It is essential to disconnect these backups from the network after completion to prevent potential compromise.
  •  Disable Macros in Office Documents: Since ransomware often spreads through unsafe macros in Office documents, disable macros by default. Only enable them when necessary and from trusted sources to minimize the risk of infection.
  •  Secure Remote Desktop Protocol (RDP): For those using Remote Desktop Protocol (RDP), enhance security by implementing strong passwords, limiting access to specific IP addresses, and considering the use of a Virtual Private Network (VPN) for a supplemental layer of protection.

By incorporating these security measures and maintaining a proactive and vigilant stance, users can significantly diminish the probability of falling victim to ransomware attacks, thus safeguarding their data and devices from potential harm.

Victims of the Lkhy Ransomware are left with the following ransom note:


Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
Do not ask assistants from youtube and recovery data sites for help in recovering your data.
They can use your free decryption quota and scam you.
Our contact is emails in this text document only.
You can get and look video overview decrypt tool:
Price of private key and decrypt software is $999.
Discount 50% available if you contact us first 72 hours, that's price for you is $499.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:

Reserve e-mail address to contact us:

Your personal ID:'

Lkhy Ransomware Video

Tip: Turn your sound ON and watch the video in Full Screen mode.


Most Viewed