Avaddon ransomware is abusing Excel 4.0 macros to convey an attack against users.
Microsoft Security Intelligence made users aware of a kind of ransomware, called Avaddon, that utilizations Excel 4.0 macros to disseminate malicious emails. These messages contain connections which send an attack when opened in any version of Excel.
Avaddon ransomware developed toward the beginning of June through a massive spam battle that randomly targeted its users. A few examples appear to demonstrate that the ransomware generally targets Italian users.
Imitating Italian officials
As BleepingComputer reports, the assailants behind the ransomware are enlisting “affiliates” to spread the payload. As per their investigation, Avaddon’s normal payment sum is around $900, paid in crypto.
The attack normally imitates authorities from Italy’s Labor Inspectorate. Messages ready private ventures to supposed work violations during “a time of emergency,” alluding to the COVID-19 pandemic.
Microsoft said in its Twitter profile:
“While an old technique, malicious Excel 4.0 macros started gaining popularity in malware campaigns in recent months. The technique has been adopted by numerous campaigns, including ones that used COVID-19 themed lures.”
Avaddon’s messages caution about pending legitimate moves which will be taken if the user does not open the malicious document.
An ongoing report by cybersecurity organisation, Proofpoint, shows an ongoing increment in email-based phishing attack used to convey ransomware.
On July 1, It has been accounted for that another ransomware was focusing on macOS clients who illegally torrent popular apps. The attacks, known as EvilQuest, was first spotted by K7 Lab malware analyst, Dinesh Devadoss.