Dehd Ransomware is the Latest STOP/Djvu Variant

Victims of the Dehd Ransomware may be in a lot of trouble. This is one of the latest variants of the STOP/Djvu Ransomware family and, unfortunately, it is not decryptable: no free decryptor can undo the damage. If you are one of Dehd Ransomware's victims, you will only be able to safely restore your files if you have access to a relatively recent backup.

How Does the Dehd Ransomware Reach Victims?

The criminals behind these attacks use various malware propagation techniques. In the case of the STOP/Djvu family, they often rely on phishing emails that contain a malicious URL or attachment. However, they may also plant the dangerous file in torrents, game cracks, or software activators such as KMSpico. We advise our readers to avoid pirated content and to download files and installers only from trustworthy sources. Last but not least, be careful with random or unexpected email messages, especially if they include files or links that you are urged to open or visit.

After the Dehd Ransomware performs its attack, it drops the ransom message '_readme.txt' on the desktop. The criminals promise to provide paying victims with a decryptor. However, their price tag is very high: $490. They also threaten to double the ransom fee if the victim does not comply with their request within the next 72 hours.

Victims are also told to message manager@mailtemp.ch or helpmanager@airmail.cc for more details. It might be worth sending one small file to the criminals, since they promise to decrypt it for free. However, you should not agree to send them any money, as this is likely to get you scammed. Instead, use an antivirus scanner to clean the infection, and then try out popular data recovery techniques and utilities.
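The ransom note name and contact addresses mentioned above can be used as a quick triage check during incident response. The following Python sketch is an added example, not part of the original article or any vendor tool: it walks a directory tree, flags files named '_readme.txt', and raises the verdict when the note also contains one of the two addresses. The function names, verdict labels and sample files are assumptions made for illustration.

```python
import os
import sys
import tempfile

# Indicators taken from the article: note file name and contact addresses.
NOTE_NAME = "_readme.txt"
CONTACTS = ("manager@mailtemp.ch", "helpmanager@airmail.cc")
MAX_READ = 64 * 1024  # ransom notes are small; never read huge files whole


def scan_for_notes(root):
    """Return a list of findings: dicts with path, matched contacts, verdict."""
    findings = []
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            if name.lower() != NOTE_NAME:
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    text = fh.read(MAX_READ).decode("utf-8", "replace").lower()
            except OSError:
                text = ""  # unreadable file: still report the name match
            hits = [c for c in CONTACTS if c in text]
            # A bare name match is weak evidence; a contact address is strong.
            verdict = "likely-ransom-note" if hits else "name-match-only"
            findings.append({"path": path, "contacts": hits, "verdict": verdict})
    return findings


def build_sample_tree(root):
    """Create constructed test data: one note-like file and one benign file."""
    desktop = os.path.join(root, "Desktop")
    docs = os.path.join(root, "Documents")
    os.makedirs(desktop)
    os.makedirs(docs)
    with open(os.path.join(desktop, "_readme.txt"), "w") as fh:
        fh.write("CONSTRUCTED SAMPLE. Contact: manager@mailtemp.ch\n")
    with open(os.path.join(docs, "_readme.txt"), "w") as fh:
        fh.write("Project notes, nothing else.\n")
    return root


if __name__ == "__main__":
    # Scan the path given on the command line, or a constructed sample tree.
    target = sys.argv[1] if len(sys.argv) > 1 else build_sample_tree(tempfile.mkdtemp())
    for f in scan_for_notes(target):
        print(f["verdict"], f["path"], ",".join(f["contacts"]))
```

A "likely-ransom-note" finding on any host is a reason to isolate it and check backups before attempting cleanup; a "name-match-only" finding needs a manual look at the file.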

January 6, 2022