Ransomware has unfortunately had a resurgence via phishing emails. Some of these viruses are brand new, such as Avaddon, and some are old ones coming back into usage.
These malicious pieces of code encrypt the files on the victim’s computer. From there they demand a payment, or ransom, in order to recover the information. This type of virus has historically had a tremendous impact on businesses that have had their security circumvented by these viruses.
Hackers do not discriminate with their targets. They will try and compromise the security of both private citizens and multinational corporations. These criminals also don’t care about nationality. People and industries in the United States of America, Italy, Germany, France and Greece have been victimized.
The researchers at Proofpoint have noticed these viruses tend to play off various themes in order to coax the desired target to open their email. For example, many of these phishing emails will make reference to the current Covid-19 crisis. They might say the victim has received their test results for Covid-19, or suggest their job has been impacted by the coronavirus.
One particular theory as to why this resurgence has occurred is because of the rise of remote working due to the pandemic. Many hackers see this as a golden opportunity due to inadequate training and ignorance on the part of some corporations.
Avaddon is a particularly nasty form of this virus. The subject line will mention they have acquired a photo of the victim. By playing off of an individual’s insecurity, the makers of the virus hope to trick them into opening the attachment enclosed in the email. The attachment is not a photo of the victim: It is the Avaddon virus.
Once installed on the computer, the virus will encrypt the computer hard drive. The computer screen will display a window demanding a payment of $800 in bitcoin to recover the files. The virus also warns if the user attempts to recover the files without payment, Avaddon will permanently delete them.
Sadly, we’re not talking about the American city. This is another virus that demands ransom. It targets Germans and mentions the closure of a company due to the virus. By baiting the victim, it’ll install itself and try to extort them to pay $200.
What is the Best Action?
Aside from refusing to open unrecognized emails, we recommend patching the computer and making backups of sensitive data. Being knowledgeable is the best security to safeguard sensitive data.