Ransomware, Malware
Discord accounts targeted by new AXLocker ransomware
Discord accounts are being stolen by the new AXLocker ransomware family, in addition to performing file encryption, reports BleepingComputer.
Cyble researchers discovered that execution of AXLocker would promptly target particular file extensions while excluding key folders. After encrypting files using the AES algorithm, AXLocker proceeds to leverage a webhook URL to facilitate the delivery of victim ID, system details, browser-stored data, and Discord tokens to attackers' Discord channel, while the Discord token is being exfiltrated by scanning seven key directories.
Victims of AXLocker will be given a pop-up with the ransom note that gives them a 48-hour deadline to communicate with attackers. However, no ransom amount is detailed in the note.
The report noted the significant threat of AXLocker ransomware to large communities, which should prompt individuals whose computers have been encrypted by AXLocker to immediately replace their Discord passwords in an effort to prevent further account, data, and community compromise.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
AdwareYou can skip this ad in 5 seconds