Join our followers
Ransomware Attack Hits Insurance Giant AXA One Week After It Changes Cyber Insurance Policies in France
Tuesday, May 25, 2021
Though the group itself is active, the recent spate of ransomware attacks connected to its offerings shows a lack of sophistication that indicates low-tech clients are flocking to its services. Avaddon ransomware is mostly observed attached to spam emails, often claiming that the sender has compromising pictures of the target.
While the Avaddon clients may not be sophisticated, the ransomware package itself is fairly advanced. Avaddon ransomware attacks steal files ahead of locking out systems and also threaten DDoS attacks against victims if they do not pay up. As the recent incident with AXA shows, the latter is not an idle threat. The inclusion of DDoS attacks in ransomware packages is a very new phenomenon, as Ilia Kolochenko (Founder and CEO of ImmuniWeb) notes: “Usually, DDoS cyber gangs do not operate jointly with ransomware folks. Combining a ransom demand with a large-scale DDoS is a bit unusual, and clearly demonstrates a growing coordination between cybercrime groups.”
When activated the Avaddon malware first checks the target system’s keyboard and language settings to verify it is not located in the Commonwealth of Independent States of Eurasia; if it is the attack will cease automatically. The ransomware also uses a unique and strong AES256 encryption key. Stolen data is published on an underground data leak site if victims do not pay; the average ransom demand is $40,000 USD in Bitcoin. Read Full Article
Dark Reading: Cyber Insurance Firms Start Tapping Out as Ransomware Continues to Rise
The Tech Blog Writer: 1593: ImmuniWeb – Attack Surface Management with Dark Web Monitoring
