Share this article
Improve this guide
Windows 10 PCs target for Ransomware as a Service attacks
2 min. read
Updated onOctober 4, 2023
updated onOctober 4, 2023
Share this article
Improve this guide
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
Key notes
You know how tech companies use SaaS or PaaS to deliver IT solutions to enterprises at scale? Well, cyber criminals have developed a model of their own called RaaS, which they’re using to efficiently distribute malware in massive waves. They recently targeted Windows 10 PCs forransomwareattacks, according to aBleeping Computerreport.
Windows 10 users targeted in Avaddon ransomware attack
In the recent Avaddon attacks, users receive an email enticing them to open a photo, which is actually not real. The body of the email contains a wink emoji.
But according to cyber security companyAppriver, the photo is a cover for malware. In that case, the people behind the attacks are taking advantage of the fact that Windows doesn’t reveal file extensions by default.
So, unsuspecting victims end up clicking on the photos only to unleash a JavaScript file that triggers ransomware activity on their machines.
All of the messages contain an attachment that arrives in the IMG.jpg.js.zip format. Once the zip is extracted, there is a small 1 kilobyte javascript file inside. This is much smaller than last year’s campaign of 8 kilobytes, largely because the latest version does not contain any additional obfuscation techniques.
When the malware is executed in Windows 10, it encrypts all files, from images to documents. Then, the attackers leave a ransom note on the victim’s desktop.
The note informs the user about theencryptionof all their files by the Avaddon ransomware.
Next, the cyber criminals offer software the victim can buy to decrypt and access their computer files. So, they direct the user to a Tor payment portal where the transaction should takes place.
Avaddon is aRansomwareas Service (RaaS) actor running an affiliate program. Affiliates acquire the malware from Avaddon for distribution to targeted PC systems.
You can minimize the risk of falling victim to such attacks by usingemail scanningtools. Also, updating and activatingWindows Defendercan help preventransomwarefrom executing on your machine.
Feel free to share your views or ask any questions via the comments section below.
[wl_navigator]
More about the topics:Cybersecurity,Ransomware
Don Sharpe
Tech Journalist
Don has been writing professionally for over 10 years now, but his passion for the written word started back in his elementary school days. His work has been published on Livebitcoinnews.com, Learnbonds.com, eHow, AskMen.com, Forexminute.com, The Writers Network and a host of other companies.
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Don Sharpe
Tech Journalist
Don has been writing professionally for over 10 years now, simplifying the tech universe for the mases.
