Avaddon Ransomware – How to Stay Protected & What to Do When You’ve Been Hit

Cybercriminals show remarkable imagination when it comes to developing new ways to attack. They go to extraordinary lengths to get what they want, be it money or data. New ransomware strains are often better than the previous ones, and they grow more sophisticated each day. One strain that is making news headlines is Avaddon Ransomware.

Launched in June 2020 via a phishing campaign whose emails contained a winking smiley, Avaddon Ransomware has been creating havoc.

[Image: Avaddon phishing email. Source: bleepingcomputer]

Today we will learn about this ransomware and how to stay protected from it.

Important Information: By getting access to domain admin accounts or other privileged accounts, Avaddon ransomware targets both Windows and Linux systems.

What Is Avaddon Ransomware?

Avaddon Ransomware is a ransomware-as-a-service (RaaS) provider.

To learn about ransomware and RaaS, read further.

In simple words, ransomware is malware designed to earn money. Usually, this type of malware encrypts all the data present on a laptop or smartphone and locks the user out. The user is then asked to pay a certain amount to regain access to the data, with a promise that a decryption key will be provided once payment is received. But there is no guarantee that the decryption key will work.

Like Software as a Service (SaaS), Ransomware-as-a-Service is a new business model for developers. Under it, ransomware developers lease or sell their ransomware variants, which makes ransomware usable by novice users.

How Avaddon Works?

Avaddon Ransomware, which started offering a Ransomware-as-a-Service model in June 2020, is spread via:

  • Phishing mails
  • Malicious Spam Campaigns that deliver malicious JavaScript files

[Image source: securityaffairs.co]

Avaddon is written in C++ and encrypts data with an AES256 encryption key. It also calls the GetUserDefaultLCID() function to identify the default geolocation and system language of the user's device, which determines whether the user will be targeted or not.

Latest News About Avaddon

At this time, all Avaddon’s Tor sites are inaccessible. This indicates the Avaddon ransomware gang has shut down. But the reason behind it is not clear.

Speculation is that the team had to shut down as pressure from law enforcement and governments worldwide increased after recent attacks against critical infrastructure.

Avaddon’s Target

French insurance company AXA

[Image source: hackread.com]

Melbourne-based service provider called Communication – platinum partner of the telecom giant Telstra.

Victims By Country

According to the cybersecurity firm Advanced Intel, Avaddon mostly targeted organizations in the USA, followed by Canada and then the rest of the world.

[Figure: Avaddon ransomware victims by country]

Victims By Industry

Three main industries targeted by Avaddon are:

  • Retail 12.5%
  • Manufacturing 12.2% & 6.3%
  • Finance 7.5%

Revenue Earned By Avaddon – Approximately $87 Million

On average, revenue earned from Avaddon victims is as follows:

  • USD 13 Million for small businesses
  • USD 287 Million for medium-sized victims
  • USD 3.7 Billion for larger businesses

What To Do If You Are Infected?

When infected by Avaddon ransomware, you need to do the following things:

  1. Identify the infected devices and remove them from the network.
  2. Don't shut down the devices before disconnecting them from the network.
  3. Check for the damage done. If the backups are safe, make an offline copy ASAP.
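
One way to approach step 3's damage check on a copy of the backups, shown as an added example that is not part of the original article: AES-encrypted data looks like random bytes, so files whose format signature is gone, or whose contents have near-maximal entropy, are candidates for having been encrypted. The signature table, the 7.5 bits-per-byte threshold and all function names are assumptions made for this sketch.

```python
import math
import os
from collections import Counter

# Leading "magic" bytes of a few common formats (small illustrative table).
MAGIC = {".pdf": b"%PDF", ".png": b"\x89PNG", ".jpg": b"\xff\xd8\xff",
         ".zip": b"PK\x03\x04", ".docx": b"PK\x03\x04", ".xlsx": b"PK\x03\x04"}
ENTROPY_THRESHOLD = 7.5   # bits per byte; assumed cut-off, tune per data set
SAMPLE_SIZE = 4096        # bytes read from the start of each file
MIN_SAMPLE = 1024         # shorter samples give unreliable entropy estimates


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def classify(name: str, head: bytes) -> str:
    """Label one file from its name and its first SAMPLE_SIZE bytes."""
    ext = os.path.splitext(name)[1].lower()
    magic = MAGIC.get(ext)
    if magic is not None:
        # Known formats are often compressed, so entropy says little;
        # a missing signature is the stronger sign of overwritten content.
        return "ok" if head.startswith(magic) else "suspect: bad signature"
    if len(head) >= MIN_SAMPLE and shannon_entropy(head) > ENTROPY_THRESHOLD:
        return "suspect: high entropy"
    return "ok"


def triage(root: str) -> dict:
    """Walk root read-only and return {path: label} for every file."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            path = os.path.join(dirpath, fn)
            try:
                with open(path, "rb") as fh:
                    report[path] = classify(fn, fh.read(SAMPLE_SIZE))
            except OSError as exc:
                report[path] = f"unreadable: {exc.strerror}"
    return report
```

Run it from a clean machine against a mounted copy of the backup; anything labelled suspect needs manual review before the backup set is trusted for restore.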

How To Stay Protected From Malware, Virus, Ransomware, And Adware Attacks?

There's no 100% proven way to stay protected. Yet an updated antivirus that offers real-time protection, exploit protection, and web browsing safety can help guard you. For this, you can try Systweak Antivirus – one of the best security tools for your Windows.

With this tool installed on your system, you can stay protected from both old and latest threats. Moreover, you can run automatic scans, detect malicious and infected startup items, and a lot more. What’s more, Systweak Antivirus also offers a StopAll Ads browser extension that you can install to block ads.

To use this amazing tool, follow the steps below:

1. Download and install Systweak Antivirus

2. Launch the excellent and power-packed security solution.

3. Click the Scan Types from the left pane > select Deep Scan.

4. Though Deep Scan is time-consuming, it is a thorough way to scan every corner of the system.

5. Wait for the scan to finish.

6. Review scan results and click Protect Now to clean infections

7. Once done, you will get a summary of quarantined threats.

8. Restart the system to apply changes.

This way, you can keep your system secure from threats.

Avaddon Ransomware: Final Thoughts

Certainly, being attacked by malware, ransomware, a virus, or any nasty threat is not good. And when it is something like Avaddon Ransomware, it's an unpleasant twist. The only way to stay protected is to use a good security solution like Systweak Antivirus.

Developed by Systweak this antivirus tool receives database updates regularly and allows different modes of scanning. Not only this, unlike other security tools it is light on system resources and doesn’t interfere with the working of any programs.

With that said, we recommend giving it a try. We hope we were able to help you understand the Avaddon Ransomware and how to stay protected. Please share your thoughts about the same in the comments section.

If you find the post helpful do share it with others and leave us your feedback in the comments section.
