Ransomware, Malware

Discord accounts targeted by new AXLocker ransomware

Discord accounts are being stolen by the new AXLocker ransomware family, in addition to performing file encryption, reports BleepingComputer. Cyble researchers discovered that execution of AXLocker would promptly target particular file extensions while excluding key folders. After encrypting files using the AES algorithm, AXLocker proceeds to leverage a webhook URL to facilitate the delivery of victim ID, system details, browser-stored data, and Discord tokens to attackers' Discord channel, while the Discord token is being exfiltrated by scanning seven key directories. Victims of AXLocker will be given a pop-up with the ransom note that gives them a 48-hour deadline to communicate with attackers. However, no ransom amount is detailed in the note. The report noted the significant threat of AXLocker ransomware to large communities, which should prompt individuals whose computers have been encrypted by AXLocker to immediately replace their Discord passwords in an effort to prevent further account, data, and community compromise.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Adware

You can skip this ad in 5 seconds