Tywd Ransomware Joins Djvu Clone Family to Extort PC User Victims


Tywd is a type of malicious software known as ransomware that encrypts files on a victim's computer and demands payment in return for decryption tools. Our team encountered Tywd while monitoring for new malware samples. Each encrypted file's name has a ".tywd" extension added to it, and a ransom note named "_readme.txt" is left behind.

This specific strain of ransomware is a variant of the Djvu ransomware family and may be spread along with other malware like RedLine or Vidar. For example, it renames "1.jpg" to "1.jpg.tywd" and "2.png" to "2.png.tywd" after encrypting them.

Upon studying the "_readme.txt" ransom note, we found that it contains payment and contact information. The attackers advise victims to communicate with them via support@freshmail.top or datarestorehelp@airmail.cc within 72 hours and give them the chance to acquire the decryption software and key at a reduced price of $490 rather than the original cost of $980.

Tywd Ransom Note Uses Djvu Template

The complete text of the Tywd ransom note reads as follows:


Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:

Reserve e-mail address to contact us:

Your personal ID:

How Can You Protect Your Home Computer from Ransomware Like Tywd?

There are several ways to protect your home computer from ransomware like Tywd. Here are some tips:

  • Keep your operating system and software up to date: Make sure your computer's operating system and all software are updated with the latest security patches to prevent vulnerabilities from being exploited.
  • Use antivirus software: Install reputable antivirus software and keep it updated to detect and block ransomware infections.
  • Backup your files regularly: Make regular backups of your important files and store them on an external hard drive or cloud storage service. This way, you can restore your files without having to pay the ransom if your computer gets infected with ransomware.
  • Be careful with email attachments: Avoid opening email attachments from unknown senders or suspicious emails in general.
  • Don't click on suspicious links: Be cautious when clicking on links, especially those in emails or social media posts.
  • Use strong passwords: Use strong, unique passwords for all your online accounts and change them regularly.
  • Enable two-factor authentication: Use two-factor authentication for your online accounts to add an extra layer of security.

By following these tips, you can greatly reduce the risk of your home computer being infected with ransomware like Tywd.

March 22, 2023

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.