Threat Watch

Wave of Avaddon Ransomware Triggers Multi-Government Warning

Following a recent surge of attacks involving Avaddon ransomware, the United States and Australian cyber-security agencies have released alerts regarding the ransomware group’s tactics, techniques, and procedures, the Record reports. As described in a brief released by the FBI, the group has been observed compromising poorly secured Remote Desktop (RDP) and corporate Virtual Private Network (VPN) portals.  Similar to other ransomware families, Avaddon also has a leak site where they release stolen data from companies that refuse to pay. While Avaddon has also bragged about their ability to execute DDoS attacks, the FBI has not identified any Avaddon incident involving DDoS.

ANALYST NOTES

As the most common means of compromise involves poorly secured VPN/RDP portals, Binary Defense recommends enabling 2FA (two-factor authentication) when available in order to ensure that users can have much firmer control over their own access. Additionally, Binary Defense recommends deploying a 24/7 SOC monitoring solution, such as Binary Defense’s own Security Operations Task Force, to watch for unusual behaviors from authorized user accounts that are abused by attackers through stolen credentials.

For more information, please read:
https://therecord.media/wave-of-avaddon-ransomware-attacks-triggers-acsc-fbi-warning/

Subscribe to Threat Watch

Daily summaries of threats, delivered straight to your inbox!


Click Here to Subscribe to Threat Watch
Facebook Twitter Instagram Youtube Linkedin
Solutions
Become a Reseller

Industries

Resources

About

Contact Us
Contact Support