Ransomware Aims Outdated Microsoft Excel Macros to Extend Attacks

Ransomware Aims Outdated Microsoft Excel Macros to Extend Attacks
Ransomware Aims Outdated Microsoft Excel Macros to Extend Attacks

Microsoft Security Intelligence made users aware of a sort of ransomware, called Avaddon, that utilizations Excel 4.0 macros to move harmful messages. These messages contain connections that send an assault when opened in any rendition of Excel.

Avaddon ransomware rose to June through a massive spam campaign that randomly focused on its casualties. A few examples appear to show that the ransomware, for the most part, targets Italian clients.

Copying Italian authorities

As BleepingComputer reports, the attackers behind the ransomware are enrolling “partners” to spread the payload. As per their investigation, Avaddon’s standard payoff sum is around $900, paid in crypto.

The assault regularly mimics authorities from Italy’s Labor Inspectorate. Messages ready free ventures to supposed work violation during “a time of emergency,” alluding to the COVID-19 pandemic.

Microsoft said in its Twitter profile:

“While an old technique, malicious Excel 4.0 macros started gaining popularity in malware campaigns in recent months. The technique has been adopted by numerous campaigns, including ones that used COVID-19 themed lures.”

Avaddon’s messages caution about pending legitimate activities taken if the client doesn’t open the malignant record.

Various casualties

An ongoing report by cybersecurity firm, Proofpoint, shows a constant increment in email-based phishing assaults used to convey ransomware.

On July 1, CurrencyTimes announced that new ransomware was focusing on macOS clients who unlawfully deluge well-known applications. The assault, known as EvilQuest, was first spotted by K7 Lab malware specialist, Dinesh Devadoss.