Avaddon ransomware targeting Australian organisations
The Australian Cyber Security Centre (ACSC) has warned of ongoing ransomware campaigns targeting multiple Australian organisations.
The Avaddon ransomware-as-a-service campaign is actively targeting the government, academia and numerous commercial sectors, the ACSC warned in an advisory.
The malware is primarily spread using phishing and malicious email spam campaigns to deliver malicious JavaScript files, the ACSC said.
Other characteristics of the campaigns involving the ransomware variant include using ‘double extortion’ techniques as coercion and further pressure to pay a ransom including threatening to leak the victim’s data if a ransom is not paid, as well as threatening DDoS attacks against victims.
Once installed on a compromised system, Avaddon ransomware has a wide range of capabilities including capturing keystrokes, payment card data and system network information; creating, copying and deleting files; reading and writing memory; starting or stopping services; and gaining persistence via a Windows registry Run key.
Avaddon threat actors demand ransom payment via Bitcoin, with an average demand of around 0.73 bitcoin — amounting to around US$40,000 ($51,000).
To mitigate the risk of compromise, the ACSC is urging organisations to keep operating systems and applications up to date, scan emails and attachments for malware, and maintain offline, encrypted backups of data.
Training processes should be implemented to identify phishing and externally sourced emails, and backups should be regularly tested and kept offline or in separated networks, the ACSC said.
Audit finds agencies ramped up AI in 2024 with no policies in place
An audit by ANAO found that at least 20 government entities were using artificial...
Fortinet opens new Australian headquarters
Fortinet's new Australian headquarters in North Sydney will serve as the security...
Government invests $6.4 million in cybersecurity network for health sector
Australia's health sector receives a $6.4 million cybersecurity boost with the creation...