When it comes to developing unique ways to attack, the imagination of cybercriminals is incredible. Every time to get what they want, be it money or data, they go to extraordinary lengths. Often the new ransomware strains we hear about are better than the previous one. Each day, they are getting sophisticated. One such ransomware strain that is making news headlines is Avaddon Ransomware.
Launched in June 2020 via a phishing campaign that contained winking smiley, Avaddon Ransomware has been creating havoc.
Today we will learn about this ransomware and how to stay protected from it.
Important Information: By getting access to domain admin accounts or other privileged accounts. Avaddon ransomware targets both Windows and Linux systems
What Is Avaddon Ransomware?
Avaddon Ransomware is a ransomware-as-a-service (RaaS) provider.
To learn about ransomware and RaaS, read further.
Ransomware in simple words is a malware designed to earn money. Usually, this type of malware encrypts all the data present on a laptop or smartphone & kicks the user out. Thereafter, to access data the user is asked to pay a certain amount. Upon receiving the payment, a promise to give a decryption key is made. But there’s no guarantee if the decryption key will work or not.
Like Software as a service (SaaS), the Ransomware-as-Service is a new business model for developers. Using it ransomware developers lease or sell their ransomware variants. This makes ransomware usable by novice users.
How Avaddon Works?
Avaddon Ransomware that started offering Ransomware-as-a-Service model in June 2020 is spread via:
- Phishing mails
Moreover, to encrypt data this ransomware uses an AES256 encryption key and is written in C++. Also, to identify default geolocation and system language of the user’s device to determine whether the user will be targeted for attacks or not they use getuserdefaultlcid() function
Latest News About Avaddon
At this time, all Avaddon’s Tor sites are inaccessible. This indicates the Avaddon ransomware gang has shut down. But the reason behind it is not clear.
Speculation says, after recent attacks against critical infrastructure as the pressure increased from law enforcement and governments worldwide, the team had to go shut down.
French insurance company AXA –
Melbourne-based service provider called Communication – platinum partner of the telecom giant Telstra.
Victims By Country
According to the cybersecurity firm, Advanced Intel Avaddon targeted mostly USA organizations followed by Canada and the rest of the world were targeted.
Victims By Industry
Three main industries targeted by Avaddon are:
- Retail 12.5%
- Manufacturing 12.2% & 6.3%
- Finance 7.5%
Revenue Earned By Avaddon – Approximately $87 Million
On average, revenue earned from Avaddon victims is as follows:
- USD 13 Million for small businesses
- USD 287 Million for medium-sized victims
- USD 3.7 Billion for larger businesses
What To Do If You Are Infected?
When infected by Avaddon ransomware, you need to do the following things:
- Identify the infected devices and remove them from the network.
- Don’t shut the devices before disconnecting from the network
- Check for the damage done. If the backups are safe, make an offline copy ASAP.
How To Stay Protected From Malware, Virus, Ransomware, And Adware Attacks?
There’s no 100% proven way to stay protected. Yet using an updated antivirus that offers real-time protection, exploit protection, web browsing safety you can be guarded. For this, you can try Systweak Antivirus – one of the best security tools for your Windows.
With this tool installed on your system, you can stay protected from both old and latest threats. Moreover, you can run automatic scans, detect malicious and infected startup items, and a lot more. What’s more, Systweak Antivirus also offers a StopAll Ads browser extension that you can install to block ads.
To use this amazing tool, follow the steps below:
1. Download and install Systweak Antivirus
2. Launch the excellent and power packer security solution
3. Click the Scan Types from the left pane > select Deep Scan.
4. Though Deep Scan is time-consuming, it is a thorough way to scan every corner of the system.
5. Wait for the scan to finish.
6. Review scan results and click Protect Now to clean infections
7. Once done, you will get a summary of quarantined threats.
8. Restart the system to apply changes.
This way, you can keep your system secure from threats.
Avaddon Ransomware: Final Thoughts
Certainly, being attacked by malware, ransomware, virus, or any nasty threat is not good. And when it is something like Avaddon Ransomware it’s an unpleasant twist. The only way to stay protected and prevent yourself is to use a good security solution like Systweak Antivirus.
Developed by Systweak this antivirus tool receives database updates regularly and allows different modes of scanning. Not only this, unlike other security tools it is light on system resources and doesn’t interfere with the working of any programs.
With that said, we recommend giving it a try. We hope we were able to help understand the Avaddon Ransomware and how to stay protected. Please share your thoughts about the same in the comments section.
If you find the post helpful do share it with others and leave us your feedback in the comments section.