Octocrypt, Alice, and AXLocker Ransomware, new threats in the wild
21-Nov-22
In addition to encrypting victims’ data, the AXLocker ransomware also harvests Discord tokens from the compromised computer. By listing the available directories on the C: drive, the startencryption() method implements the ability to search for files, according to an analysis of the code.
Only specific file extensions are targeted by the malware, and a list of directories are not included in the encryption process. The AXLocker ransomware encrypts files using the AES encryption method; unlike other ransomware, it leaves the file’s name and extension alone.
