Youhau Ransomware is a New VoidCrypt Clone


Researchers from our team have recently uncovered Youhau, a type of ransomware that encrypts data, changes file names, and generates a ransom note. Youhau came to our attention during an analysis of malware samples. It is part of the VoidCrypt ransomware family, which is known for its malicious behavior.

Youhau's ransom note is a text file labeled "Dectryption-guide.txt." The malware adds the victim's ID, the email address "," and the ".youhau" extension to the original filenames. For example, "1.jpg" would become "1.jpg.MJ-MI0647895312.youhau," while "2.png" would become "2.png.MJ-MI0647895312.youhau."

The ransom note provides information to the victims about the encryption of their files using a cryptography algorithm. It also warns them not to alter or rename the files, use any third-party applications or recovery tools, or reinstall the operating system. Doing so could result in the loss of the key file and permanent data loss.

The ransom note instructs victims to send a test file and the key file located in the "C:/ProgramData" folder of their system to the email address provided, either or The attackers will then use this information to facilitate payment and provide the decryption key.

Youhau Ransom Note Written in Poor English

The complete text of the Youhau ransom note goes as follows:

Your Files Are Has Been Locked

Your Files Has Been Encrypted with cryptography Algorithm

If You Need Your Files And They are Important to You, Dont be shy Send Me an Email

Send Test File + The Key File on Your System (File Exist in C:/ProgramData example : RSAKEY-SE-24r6t523 pr RSAKEY.KEY) to Make Sure Your Files Can be Restored

Get Decryption Tool + RSA Key AND Instruction For Decryption Process


1- Do Not Rename or Modify The Files (You May loose That file)

2- Do Not Try To Use 3rd Party Apps or Recovery Tools ( if You want to do that make an copy from Files and try on them and Waste Your time )

3-Do not Reinstall Operation System(Windows) You may loose the key File and Loose Your Files

Your Case ID :-

OUR Email

in Case of no answer:

How Can You Protect Your System from Ransomware Like Youhau?

To protect your system from ransomware like Youhau, it's essential to follow good cybersecurity practices. Some of these practices include:

  • Keep your software up-to-date: Make sure your operating system and software applications are up-to-date with the latest security patches and updates.
  • Use strong passwords: Use unique and complex passwords for your accounts and devices. Avoid using the same password for multiple accounts.
  • Use anti-malware software: Install and use reputable anti-malware software that provides real-time protection against malware and ransomware.
  • Be careful when opening email attachments: Avoid opening email attachments or clicking on links in emails from unknown or suspicious sources.
  • Backup your data regularly: Regularly back up your important files and data to an external hard drive or cloud storage.
  • Enable two-factor authentication (2FA): Enable 2FA on your accounts wherever possible, which adds an extra layer of security to your login process.

These practices will not guarantee complete protection against ransomware attacks like Youhau, but they can reduce the likelihood of an attack and minimize the potential damage.

March 15, 2023

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.