Can you help me solving this question

Problem 2.3, 10 points. In class we showed that the ElGamal scheme is not IND-CCA secure. Consider the following attempt to make the ElGamal scheme IND- CCA secure. Fix a cyclic group G of order q and a generator g. Let H be a public function such that for any message in the message space M H(M) can be viewed as a group element. A proposed HEG= (K, E, D) scheme is as follows. Algorithm k Algorithm Ex (M) Algorithm D (Y, W) Parse M' as MZ W K . (MlIH(M)) | If Z = H(M) then return M else return Return (pk, sk)Return (Y,w) Note that the attack presented in class does not work. Show, that nevertheless the scheme sll IND-CCA insecure even if DDH is hard for G, g. Assume that an adversary knows G, g