Hhee Ransomware is a Djvu Clone Targeting Files to Encrypt
Our team discovered a new ransomware variant, Hhee, which is part of the Djvu family.
Hhee encrypts data and adds the ".hhee" extension to the affected files. After encryption, it leaves a "_readme.txt" ransom note with two email addresses for victims to contact in order to purchase decryption software and a unique key.
The initial price is set at $980 but if contacted within 72 hours, victims can get it for $490. Additionally, they can send one encrypted file for free decryption as long as it does not contain valuable data. Hhee may be distributed alongside other malicious software such as infostealers.
Table of Contents
The Hhee ransom demands
The Hhee ransomware uses the same ransom note format and core text as every other Djvu clone. The full note reads as follows:
ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-UQkYLBSiQ4
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
support@freshmail.topReserve e-mail address to contact us:
datarestorehelp@airmail.ccYour personal ID:
Why is it not possible to recover files encrypted by ransomware similar to Hhee?
It is not possible to recover files encrypted by ransomware similar to Hhee because the encryption process used by these types of ransomware is designed to be irreversible. The encryption algorithms used are extremely complex and cannot be easily decrypted without the unique key provided by the threat actors. Additionally, even if a victim were able to obtain the unique key, there is no guarantee that it would work on their specific files as each file is encrypted with its own unique key.
Why is it not a good idea to pay ransom demands made by hackers?
It is not a good idea to pay ransom demands made by hackers because there is no guarantee that they will actually provide the decryption key or software after payment. Additionally, paying the ransom encourages hackers to continue their malicious activities and may lead to further attacks on other victims. Furthermore, paying the ransom does not guarantee that all of your data will be recovered, as some files may be permanently lost due to corruption or other factors. Finally, paying a ransom may also expose you to legal risks if the money is used for illegal activities.
