BTC $70614.7035
ETH $3511.7004
BNB $620.2579
SOL $173.0218
XRP $0.6097
stETH $3507.5030
DOGE $0.1974
TON $7.0340
ADA $0.5814
AVAX $46.2782
wstETH $4079.6154
DOT $8.3856
BCH $610.3232
WETH $3506.2796
WBTC $70620.3107
TRX $0.1214
LINK $17.6767
MATIC $0.8810
UNI $9.1130
LTC $98.3227
ICP $15.5376
CAKE $3.7378
DAI $0.9997
IMX $2.5624
ETC $33.6826
RNDR $9.0476
STX $3.0152
FIL $8.0739
MNT $1.3057
TAO $634.6650
NEAR $6.7707
HBAR $0.0996
ATOM $10.7689
VET $0.0473
OKB $56.7850
WIF $3.4067
FDUSD $1.0024
KAS $0.1425
MKR $3339.9801
PEPE $0.0000
GRT $0.3118
THETA $2.9461
INJ $31.7489
FET $2.5268
XLM $0.1299
XMR $133.8901
USDE $1.0008
BTC $70614.7035
ETH $3511.7004
BNB $620.2579
SOL $173.0218
XRP $0.6097
stETH $3507.5030
DOGE $0.1974
TON $7.0340
ADA $0.5814
AVAX $46.2782
wstETH $4079.6154
DOT $8.3856
BCH $610.3232
WETH $3506.2796
WBTC $70620.3107
TRX $0.1214
LINK $17.6767
MATIC $0.8810
UNI $9.1130
LTC $98.3227
ICP $15.5376
CAKE $3.7378
DAI $0.9997
IMX $2.5624
ETC $33.6826
RNDR $9.0476
STX $3.0152
FIL $8.0739
MNT $1.3057
TAO $634.6650
NEAR $6.7707
HBAR $0.0996
ATOM $10.7689
VET $0.0473
OKB $56.7850
WIF $3.4067
FDUSD $1.0024
KAS $0.1425
MKR $3339.9801
PEPE $0.0000
GRT $0.3118
THETA $2.9461
INJ $31.7489
FET $2.5268
XLM $0.1299
XMR $133.8901
USDE $1.0008
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Scientists have discovered three new strains of ransomware in the wild


    Remember the names: Octocrypt, Alice and AXLocker, because we will definitely hear about them again.

    Experts from Cyble Research and Intelligence Labs (CRIL) have discovered three new strains of ransomware: AXLocker, Octocrypt and Alice.

    AXLocker encrypts victims' files and steals Discord tokens from the infected computer. The analysis of the code showed that using the startencryption() function, the malware searches for the necessary files by sorting through the available directories on the C:\ drive. AXLocker only targets files with a specific extension and excludes some directories from the encryption list.

    The malware uses the AES encryption algorithm to encrypt files. Unlike other ransomware, it does not change the name or extension of the encrypted one.

    After encrypting the necessary files, AXLocker collects and sends the following set of information to attackers:

    Computer name;
    Username;
    computer IP address;
    UUID of the system;
    Discord tokens.

    The malware uses regular expressions to search for Discord tokens in local storage files and then sends them to the attackers' Discord server along with other information.

    When finished with data encryption and information collection, AXLocker displays a window containing a note with instructions and a request to contact the operators. The note does not specify the amount that the victim must pay for the decryption of their data.

    In addition to AXLocker, Cyble researchers also discovered two other ransomware:

    Octocrypt. This malware is written in Golang and distributed using the Ransomware-as-a-Service (RaaS) scheme. Attackers offer to buy it for $400:
    Alice. Little is known about this malware. The researchers found out only that it is also distributed according to the RaaS scheme.

    And even though all of the above ransomware is more aimed at ordinary users, experts believe that they can pose a threat to large companies as well.

    Author DeepWeb
    Hackers use the Sign of the Internet to deliver malware
    Lazarus hackers update their ATM hacking tool

    Comments 0

    Add comment