DXXD targets Windows servers and the method of distribution is currently unknown. Once infected, the server will display a specially crafted login screen that lets victims know they have been attacked and lists email addresses of the hackers so victims can contact them for further instructions. DXXD appends the extension .dxxd to encrypted files. The ransom payment demand for DXXD is currently unknown.

  • Bleeping Computer provides more information about DXXD here.
  • Bleeping Computer provides a decryption tool for the original version of DXXD, available here.
  • To decrypt the newest version of DXXD, follow the instructions on the Bleeping Computer website, here.

One example of the DXXD variant. Image Source: Bleeping Computer