Recently, the Australian Cyber Security Centre (ACSC) along with the Federal Bureau of Investigation (FBI) has detected ongoing attacks of the “Avaddaon ransomware,” that is targeting the organizations in a variety of sectors.
The cybersecurity researchers at ACSC have claimed in their report that this Avaddon ransomware campaign is continuously targeting the organizations globally in various industries, that includes the sectors like government, finance, energy, manufacturing, and healthcare organizations.
According to the FBI flash alert report of last week cleared that the hackers of this Avaddon ransomware are trying to break the networks of manufacturing, healthcare, and other private sector organizations.
The Avaddon ransomware is used by the threat actors as a ransomware-as-a-service campaign and it’s being spread using phishing and malicious email spam operations so that the hackers can easily deliver the malicious JavaScript files.
After thoroughly analyzing the Avaddon ransomware, the specialists have listed all the countries as well as the sectors that are targeted by this ransomware, and here we have mentioned them below.
During the investigation, the security analysts have found that the threat actors who were behind Avaddon ransomware were attacking with denial-of-service (DDoS) attacks.
But the report of the FBI has cleared that they have not yet found any evidence regarding DDoS attacks. However, this ransomware attack has been first found in January 2021.
Moreover, at that time the experts reported about two other ransomware operations (SunCrypt and RagnarLocker), and here the most interesting thing about their operation is that they both were using this new manoeuvre.
According to the report, this ransomware was initially detected in February 2019, and in June the hackers started recruiting affiliates so that they can execute its operation.
Avaddon was rewarded each affiliate nearly 65% of ransom payments, and on the other side, the operators of this Avaddon ransomware were getting nearly 35% share of the accumulated ransom.
For the decryption tool (Avaddon General Decryptor), the affiliates of Avaddon generally demands an average ransom payment of about $41,627 (0.73 bitcoins).
Moreover, the hackers of the Avaddon RaaS operation also ask each and every affiliate to follow some rules that are being set by them.
The experts said that these kind of attacks are quite common, but one should know how to keep themselves safe from such attacks. However, the researchers have recommended some mitigations for the organizations, and here we have mentioned them below:-
Before encrypting the systems the Avaddon ransomware affiliates also steal the data from their victims’ networks only for the double-extortion, and they are well-known for this exercise.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
Zohocorp, the company behind ManageEngine, has released a security update addressing a critical SQL injection…
A critical new vulnerability has been discovered in Citrix’s Virtual Apps and Desktops solution, which…
Sonatype, the company behind the popular Nexus Repository Manager, has issued security advisories addressing two…
Cybersecurity researchers have detected the active exploitation of a zero-day vulnerability in GeoVision devices, which…
A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious actors…
SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce shoppers…