Threat Database Ransomware Xdddd Ransomware

Xdddd Ransomware

The Xdddd Ransomware is a malware threat. The Xdddd Ransomware goal is the same as all the other threats of this type - to lock the users' files with an uncrackable encryption algorithm and then extort the victims for the potential restoration of the data. The Xdddd Ransomware is based on the previously detected Paradise Ransowmare.

When the Xdddd Ransomware begins its encryption algorithm, it will change every affected file's original filename. The threat follows a complex algorithm - it appends the unique ID for the specific victim, followed by the hackers' email, and finally '.xdddd' as a new extension. The email address used to contact the hackers behind this particular ransomware is '' The customary instructions for the victims are delivered as files named '#DECRYPT MY FILES#.html' that are dropped in every folder with encrypted files inside.

The ransom note doesn't mention the specific amount demanded by the hackers, but it does state that the money must be sent in Bitcoins, the most popular cryptocurrency. Victims can use the '' address to initiate communication, and doing so sooner rather than later could affect the size of the ransom. Up to three files can be attached to be decrypted for free, but they must not exceed 1MB in size and shouldn't contain valuable data.

The full text of the Xdddd Ransomware's note is:

'Your files are encrypted!

Paradise Ransomware Team!

Your ID

Your personal KEY


Your important files produced on this computer have been encrypted due a security problem.

If you want to restore them, write to us by email.

You have to pay for decryption in Bitcoins. The price depends on how fast you write to us.

After payment we will send you the decryption tool that will decrypt all your files.


Before payment you can send us 1-3 files for free decryption.

Please note that files must NOT contain valuable information.

The file size should not exceed 1MB.

As evidence, we can decrypt one file


The easiest way to buy bitcoin is LocalBitcoins site.

You have to register, click Buy bitcoins and select the seller by payment method and price


Also you can find other places to buy Bitcoins and beginners guide here:


write to Google how to buy Bitcoin in your country?






Do not rename encrypted files

Do not try to decrypt your data using third party software, it may cause permanent data loss

You are guaranteed to get the decryptor after payment

As evidence, we can decrypt one file

Do not attempt to use the antivirus or uninstall the program

This will lead to your data loss and unrecoverable

Decoders of other users is not suitable to decrypt your files - encryption key is unique.'

Should Victims Pay the Ransom?

The cryptovirus doesn’t leave victims with any option but to pay the ransomware authors. Even so, we highly recommend against doing that. There are many cases where hackers ignored their victims after receiving the ransom. There are also cases where victims were given decryption software that didn’t work or installed other malicious software. Paying ransomware attackers also encourages them to continue spreading their malware. You should never trust the criminals to do what they say, no matter what.

What Can Victims Do?

The first thing victims should do is look to remove the ransomware from their computers. Antivirus and antimalware software can get the job done. When it comes to restoring lost data, your best bet is to use an external backup. If you have data backed up to an external device or the cloud, you have nothing to fear. If not, you may be able to use file recovery software. However, there’s no guarantee these programs will work as ransomware typically deletes the Shadow Volume Copies the software use.

Xdddd Ransomware Distribution Methods

Attackers have several methods of distributing this file-encoding virus to victims. The most common infection method is malspam campaigns. Attackers send thousands of emails disguised to look as if they come from a legitimate source. The emails have attachments or links attached to them.

When the recipient accesses the link or attached file, the virus gets to work infecting the computer. One of the simplest ways to protect yourself against ransomware is to be careful when opening emails from unknown sources. Don’t open email attachments unless you are sure where the email came from.


Most Viewed