
Axxes Ransomware

By CagedTech in Ransomware

The Axxes Ransomware is a threat that appears to be used by a cybercriminal organization to compromise and lock the data of enterprise organizations. Its encryption algorithm is strong enough to prevent restoration of the locked data without assistance from the attackers. Each encrypted file on a breached device has '.axxes' appended to its original name. Once all suitable files have been processed, the threat drops its ransom notes as 'RESTORE_FILES_INFO.hta' and 'RESTORE_FILES_INFO.txt' files.
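As an added example (not code from this article or from any vendor tool), the following Python script walks a directory tree and reports files carrying the '.axxes' suffix and the two ransom note names above, which helps scope which folders were hit and roughly when encryption began. The sample tree, file names and timestamps are constructed; case-insensitive matching is an assumption, made because the ransom note writes the extension as "Axxes".

```python
import os
import tempfile

ENCRYPTED_SUFFIX = ".axxes"  # appended to each locked file, per the article
NOTE_NAMES = {"restore_files_info.hta", "restore_files_info.txt"}

def triage(root):
    """Summarise Axxes artifacts under root; paths are relative to root."""
    encrypted, notes, earliest = [], [], None
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            lower = name.lower()  # assumption: match regardless of case
            if lower in NOTE_NAMES:
                notes.append(rel)
            elif lower.endswith(ENCRYPTED_SUFFIX):
                encrypted.append(rel)
                try:
                    mtime = os.stat(path).st_mtime
                except OSError:
                    continue  # unreadable file: still counted, no timestamp
                if earliest is None or mtime < earliest:
                    earliest = mtime
    return {
        "encrypted": sorted(encrypted),
        "notes": sorted(notes),
        "affected_dirs": sorted({os.path.dirname(p) or "." for p in encrypted}),
        # Earliest mtime only approximates when encryption began here.
        "earliest_encrypted_mtime": earliest,
    }

def build_sample_tree(root):
    """Constructed sample data: empty files with made-up names and mtimes."""
    samples = {
        os.path.join("finance", "budget.xlsx.axxes"): 1700000600,
        os.path.join("finance", "RESTORE_FILES_INFO.txt"): 1700000900,
        os.path.join("hr", "cv.docx.Axxes"): 1700000000,
        os.path.join("hr", "RESTORE_FILES_INFO.hta"): 1700000900,
        os.path.join("it", "readme.txt"): 1690000000,  # untouched file
    }
    for rel, mtime in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()
        os.utime(path, (mtime, mtime))

def demo():
    """Build the constructed tree in a temp dir and return its triage summary."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        return triage(tmp)
```

Run `triage()` against a read-only mount or forensic copy of the affected share so the scan itself does not alter timestamps.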

The main ransom-demanding message is delivered via the .hta file. It states that the victim's network has been breached and that over 70 GB of confidential data has been exfiltrated by the threat actors. According to the note, the collected information consists of employee personal data, credentials for local and remote services, financial information and more. The hackers state that if victims do not meet their demands, the acquired data will be published on the hacker group's TOR website.

The full text of the ransom note is:

'>> What happened?

Important files on your network was ENCRYPTED and now they have "Axxes" extension.

In order to recover your files you need to follow instructions below.

>> Sensitive Data

Sensitive data on your network was DOWNLOADED. More than 70 GB.

If you DON'T WANT your sensitive data to be PUBLISHED you have to act quickly.

Data includes:

- Employees personal data, CVs, DL, SSN.

- Complete network map including credentials for local and remote services.

- Private financial information including: clients data, bills, budgets, annual reports, bank statements.

>> CAUTION

DO NOT MODIFY ENCRYPTED FILES YOURSELF.

DO NOT USE THIRD PARTY SOFTWARE TO RESTORE YOUR DATA.

YOU MAY DAMAGE YOUR FILES, IT WILL RESULT IN PERMANENT DATA LOSS.

>> What should I do next?

1) Download and install Tor Browser from: hxxps://torproject.org/

2) ymnbqd5gmtxc2wepkesq2ktr5qf4uga6wwrsbtktq7n5uvhqmbyaq4qd.onion /link.php?id=hTjNdkb5OCr74qyYii8r5987laFscF'
