their already impressive arsenal. According to researchers at
Cyble, this ransomware isn’t particularly sophisticated beyond the fact that it is
good at stealing Discord tokens from a victim’s machine.
After infecting the machine, it starts encrypting essential files and then
sends the victim’s sensitive information such as Computer name,
Username, Machine IP address, System UUID, and
Discord tokens to the operator’s server. It then displays a
ransom note like the one shown below.
“This ransomware uses the AES encryption algorithm to encrypt files”.
“We observed that the ransomware does not change the file name or extension
after the encryption,” researchers said in a