Avaddon ransomware is abusing Excel 4.0 macros to convey an attack against users.

Microsoft Security Intelligence made users aware of a kind of ransomware, called Avaddon, that utilizations Excel 4.0 macros to disseminate malicious emails. These messages contain connections which send an attack when opened in any version of Excel.

Avaddon ransomware developed toward the beginning of June through a massive spam battle that randomly targeted its users. A few examples appear to demonstrate that the ransomware generally targets Italian users.

Also read: Bank Of Japan To Begin Experimenting Digital Yen

Imitating Italian officials

As BleepingComputer reports, the assailants behind the ransomware are enlisting “affiliates” to spread the payload. As per their investigation, Avaddon’s normal payment sum is around $900, paid in crypto.

The attack normally imitates authorities from Italy’s Labor Inspectorate. Messages ready private ventures to supposed work violations during “a time of emergency,” alluding to the COVID-19 pandemic.

Also read: Ransomware Attacks Are On the Rise as More People Are Working From Home

Microsoft said in its Twitter profile:

“While an old technique, malicious Excel 4.0 macros started gaining popularity in malware campaigns in recent months. The technique has been adopted by numerous campaigns, including ones that used COVID-19 themed lures.”

Avaddon’s messages caution about pending legitimate moves which will be taken if the user does not open the malicious document.

Various victims

An ongoing report by cybersecurity organisation, Proofpoint, shows an ongoing increment in email-based phishing attack used to convey ransomware.

On July 1, It has been accounted for that another ransomware was focusing on macOS clients who illegally torrent popular apps. The attacks, known as EvilQuest, was first spotted by K7 Lab malware analyst, Dinesh Devadoss.