Do you know how to avoid this Discord ransomware? A new malware family that targets cryptocurrency users has been discovered.
AXLocker is a new strain of malware developed by Cyble security experts that not only encrypts all files detected on the endpoint but also steals the users’ Discord authentication tokens.
Discord is a long-running communication tool that has recently regained popularity among cryptocurrency enthusiasts. Discord is the preferred communication platform for NFT projects, cryptocurrency tokens, and startups like these.
How to avoid this Discord ransomware: 48-hour time limit
Discord stores a small authentication token on the computer when a user logs in so that they don’t have to log in every time they visit. By stealing this token, threat actors could access the victim’s account without needing their passwords or other login information.
Apart from that, AXLocker is nothing out of the ordinary. Once activated, the malware avoids some folders and targets particular file extensions. The files are encrypted using the AES algorithm, but their filenames and extensions are left unchanged. It demands payment in cryptocurrency and gives users 48 hours to comply.
While the NFT and cryptocurrency community is accustomed to cyberattacks and different criminals pursuing their digital property, the theft of Discord tokens makes this ransomware attack even more potent.
After all, if the owner or creator of such a project had their Discord tokens stolen, thieves might exploit their identity to start phony campaigns and steal the NFTs and cryptocurrencies of the community members.
Nevertheless, consumers remain AXLocker’s primary target, according to BleepingComputer.
Nothing was known about AXLocker’s method of dissemination. To trick people into downloading and running malware, threat actors frequently use phishing emails, fake landing pages, and social engineering (fake LinkedIn identities, for instance).