- Avaddon uses a RaaS affiliate program to deliver ransomware to unsuspecting Windows PC users.
- Victims have to pay Avaddon a ransom fee to decrypt their infected files.
- Our Cybersecurity page extensively covers threats to Windows computer systems and software. Be sure to check it out!
- You may also visit the Security & Privacy page to learn more.
You know how tech companies use SaaS or PaaS to deliver IT solutions to enterprises at scale? Well, cyber criminals have developed a model of their own called RaaS, which they’re using to efficiently distribute malware in massive waves. They recently targeted Windows 10 PCs for ransomware attacks, according to a Bleeping Computer report.
Windows 10 users targeted in Avaddon ransomware attack
In the recent Avaddon attacks, users receive an email enticing them to open a photo, which is actually not real. The body of the email contains a wink emoji.
But according to cyber security company Appriver, the photo is a cover for malware. In that case, the people behind the attacks are taking advantage of the fact that Windows doesn’t reveal file extensions by default.
When the malware is executed in Windows 10, it encrypts all files, from images to documents. Then, the attackers leave a ransom note on the victim’s desktop.
The note informs the user about the encryption of all their files by the Avaddon ransomware.
Next, the cyber criminals offer software the victim can buy to decrypt and access their computer files. So, they direct the user to a Tor payment portal where the transaction should takes place.
Avaddon is a Ransomware as Service (RaaS) actor running an affiliate program. Affiliates acquire the malware from Avaddon for distribution to targeted PC systems.
Feel free to share your views or ask any questions via the comments section below.