Avaddon ransomware targeting Australian organisations


By Dylan Bushell-Embling
Tuesday, 11 May, 2021

Avaddon ransomware targeting Australian organisations

The Australian Cyber Security Centre (ACSC) has warned of ongoing ransomware campaigns targeting multiple Australian organisations.

The Avaddon ransomware-as-a-service campaign is actively targeting the government, academia and numerous commercial sectors, the ACSC warned in an advisory.

The malware is primarily spread using phishing and malicious email spam campaigns to deliver malicious JavaScript files, the ACSC said.

Other characteristics of the campaigns involving the ransomware variant include using ‘double extortion’ techniques as coercion and further pressure to pay a ransom including threatening to leak the victim’s data if a ransom is not paid, as well as threatening DDoS attacks against victims.

Once installed on a compromised system, Avaddon ransomware has a wide range of capabilities including capturing keystrokes, payment card data and system network information; creating, copying and deleting files; reading and writing memory; starting or stopping services; and gaining persistence via a Windows registry Run key.

Avaddon threat actors demand ransom payment via Bitcoin, with an average demand of around 0.73 bitcoin — amounting to around US$40,000 ($51,000).

To mitigate the risk of compromise, the ACSC is urging organisations to keep operating systems and applications up to date, scan emails and attachments for malware, and maintain offline, encrypted backups of data.

Training processes should be implemented to identify phishing and externally sourced emails, and backups should be regularly tested and kept offline or in separated networks, the ACSC said.

Image credit: ©stock.adobe.com/au/zefart

Related News

Half of government agencies falling short on email security measures: report

Lack of consistency across Australian Government bodies leaves critical vulnerabilities in the...

CISA and Microsoft warn of “active attacks” on SharePoint

Alerts have been published active attacks exploiting a remote code execution vulnerability in...

NSW Government agencies have ineffective cybersecurity controls: report

The Audit Office of New South Wales has found that NSW Government agencies still have minimal...


  • All content Copyright © 2025 Westwick-Farrow Pty Ltd