Total Tests:
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

Ransomware Attack Hits Insurance Giant AXA One Week After It Changes Cyber Insurance Policies in France

By Scott Ikeda for CPO Magazine
Tuesday, May 25, 2021

Though the group itself is active, the recent spate of ransomware attacks connected to its offerings shows a lack of sophistication that indicates low-tech clients are flocking to its services. Avaddon ransomware is mostly observed attached to spam emails, often claiming that the sender has compromising pictures of the target.

While the Avaddon clients may not be sophisticated, the ransomware package itself is fairly advanced. Avaddon ransomware attacks steal files ahead of locking out systems and also threaten DDoS attacks against victims if they do not pay up. As the recent incident with AXA shows, the latter is not an idle threat. The inclusion of DDoS attacks in ransomware packages is a very new phenomenon, as Ilia Kolochenko (Founder and CEO of ImmuniWeb) notes: “Usually, DDoS cyber gangs do not operate jointly with ransomware folks. Combining a ransom demand with a large-scale DDoS is a bit unusual, and clearly demonstrates a growing coordination between cybercrime groups.”

When activated the Avaddon malware first checks the target system’s keyboard and language settings to verify it is not located in the Commonwealth of Independent States of Eurasia; if it is the attack will cease automatically. The ransomware also uses a unique and strong AES256 encryption key. Stolen data is published on an underground data leak site if victims do not pay; the average ransom demand is $40,000 USD in Bitcoin. Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential