fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

US And Australia Warn Of Escalating Avaddon Ransomware Attacks

US And Australia Warn Of Escalating Avaddon Ransomware Attacks

The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations from an extensive array of sectors in the US and worldwide.

The FBI said in a TLP:GREEN flash alert last week that Avaddon ransomware affiliates are trying to breach the networks of manufacturing, healthcare, and other private sector organizations around the world.

The ACSC expanded on the targeting information today, saying that the ransomware gang’s affiliates are targeting entities from a wide range of sectors, including but not limited to government, finance, law enforcement, energy, information technology, and health.

While the FBI only mentions the ongoing attacks, the ACSC also provides a list of countries under attack, including the US, UK, Germany, China, Brazil, India, UAE, France, and Spain, to name just a few.

“The Australian Cyber Security Centre (ACSC) is aware of an ongoing ransomware campaign utilizing the Avaddon Ransomware malware [..] actively targeting Australian organisations in a variety of sectors,” the ACSC added [PDF].

“The ACSC is aware of several instances where the Avaddon ransomware has directly impacted organizations within Australia.”

Also Read: 4 Best Practices On How To Use SkillsFuture Credit

Avaddon targets
Avaddon targets (ACSC)

FBI: Avaddon makes empty DDoS threats

The ACSC also mentions Avaddon threat actors threatening with denial-of-service (DDoS) attacks to persuade victims into paying ransoms (in addition to leaking stolen data and encrypting their system).

However, as the FBI said, no evidence has been found of DDoS attacks following Avaddon ransomware attacks.

The Avaddon ransomware gang first announced in January 2021 that they will launch DDoS attacks to take down victims’ sites or networks until they reach out and begin negotiating to pay the ransom.

BleepingComputer first reported about this new trend in October 2020, when ransomware groups began using DDoS attacks against their victims as an additional leverage point.

At the time, the two ransomware operations that were using this new tactic were SunCrypt and RagnarLocker.

Avaddon DDoS threats
Avaddon DDoS threats

Also Read: 3 Reasons Why You Must Take A PDPA Singapore Course

Stolen data used as leverage

Avaddon ransomware samples were first detected in February 2019, and it began recruiting affiliates in June 2020 after it launched a massive spam campaign targeting users worldwide.

Affiliates who join this RaaS operation are responsible for compromising networks to deploy payloads or distribute the ransomware via spam or exploit kits. At the same time, its operators are accountable for developing the malware and operating the TOR payment site.

The Avaddon RaaS operation also asks affiliates to follow a set of rules, one of them being not to go after targets from the Commonwealth of Independent States (CIS).

Avaddon pays each affiliate 65% of ransom payments they bring in, with the operators getting a 35% share. However, as with other RaaS programs, larger affiliates can usually negotiate higher revenue shares depending on the size of their attacks.

The average ransom payment demanded by Avaddon affiliates is roughly 0.73 bitcoins (approximately $41,000) in exchange for a decryption tool (Avaddon General Decryptor).

Avaddon ransomware affiliates are also known for stealing data from their victims’ networks before encrypting systems for double-extortion.

This strategy has become commonplace for almost all active ransomware operations, with victims commonly notifying their customers or employees of possible data breaches following ransomware attacks.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us