Avaddon ransomware is exploiting Excel 4.0 macros as the Microsoft Security Intelligence alerted the users to one type of ransomware that distributes malicious emails. The emails contained attachments that deploy attacks once opened in any version of Excel as we are reading in the upcoming cryptocurrency news.
The Avaddon ransomware showed up in early June through a massive spam campaign that targeted the victims and some patterns seem to indicate that the ransomware targets Italian users most of the time. As BleepingComputer reported, the attackers behind the ransomware recruited “affiliates” to spread the payload and the average ransom amount is around $9000 paid in crypto. The attack commonly impersonated officials from Italy’s Labor Inspectorate. The message alerted smaller businesses to alleged work violations during “a period of crisis” meaning the COVID-19 pandemic. Microsoft said:
“While an old technique, malicious Excel 4.0 macros started gaining popularity in malware campaigns in recent months. The technique has been adopted by numerous campaigns, including ones that used COVID-19 themed lures.”
Avaddon ransomware emerged in early June. This week’s campaign continues a recent trend of delivering ransomware as the immediate payload in email campaigns. pic.twitter.com/e9GpkadopQ
— Microsoft Security Intelligence (@MsftSecIntel) July 2, 2020
Avaddon’s message explained the pending legal actions which will be taken if the user doesn’t open the malicious documents. A recent study by cybersecurity company Proofpoint shows an increase in email-based phishing attacks that are used to deliver the ransomware. Other reports showed that the new ransomware was targeting macOS users who illegally torrent popular apps and the attack known as EvilQuest was spotted initially by K7 lab malware researcher, Dinesh Devadoss.
Furthermore, Singapore reveals a surge in ransomware attacks during 2019 by noting more than 30 cases. According to the “Cyber Landscape, 2019” study published by the government of Singapore reveals the entity got 35 reports of ransomware attacks in 2019. This represents a surge from the 21 recorded attacks reported in 2018. Usually, the attacks targeted logistic industries, manufacturing, tourism, and travel.
Ransomware fraudsters prefer Monero over Bitcoin because of its increased anonymity so now the victims of the hackers will have to pay with Monero as per the Sodinokibi Ransomware group announcements. The ransomware fraudsters noted that combining the XMR coin with TOR will make the payments impossible to trace. The ransomware operators will start infiltrating into organizations and will encrypt sensible information. They will request victims to pay the ransom via crypto in order to access the data and retrieve it.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at editor@dcforecasts.com
Discussion about this post