Microsoft security intelligence has alerted users to a new kind of ransomware, referred Avaddon, and uses Excel 4.0 macros to distribute malicious emails. These emails contain attachments that deploy an attack when opened in any version of Excel.
Earlier in June, Avaddon ransomware emerged via a huge spam campaign that randomly targeted its victims. Some patterns seem to point that the ransomware mostly targets Italian users.
Impersonating Italy’s Labor Inspectorate
In line with a recent report published by BleepingComputer, the attackers behind the ransomware are recruiting “affiliates” to spread the payload. Consistent with their analysis, Avaddon’s avg ransom sums to around $900 USD, which is to be paid in cryptos.
The attack commonly impersonates officials from Italy’s Labor Inspectorate. Messages alerted small businesses to alleged operation violations within “a period of crisis,” pertaining to the coronavirus outbreak.
While adding further, Microsoft said in its Twitter profile:
“While an old technique, malicious Excel 4.0 macros started gaining popularity in malware campaigns just a few months ago. The technique has been adopted by several campaigns, including ones that used coronavirus themed lures.”
Avaddon’s msg warned about pending legal actions which can be taken if the user doesn’t open the malicious documents.
Ransom Attacks On A Hike
As per recent study conducted by cybersecurity firm, Proofpoint, reveal a recent hike in email-based phishing attacks used to transfer ransomware.
Earlier on 1st July, a new ransomware targeting macOS users was detected that used illicit torrent apps. The attack, referred to as EvilQuest, was first spotted by K7 Lab malware researcher, Dinesh Devadoss.