Avaddon Ransomware

Increase in Avaddon ransomware attacks in Australia.
Alert status
HIGH

The ACSC has seen a number of organisations that have been impacted by ransomware activity from the Avaddon group within Australia. This targeting has occurred across multiple industry sectors. In addition to encryption of data, victims are threatened with the publication of stolen data, as well as Distributed Denial of Service against their network.

The ACSC has provided analysis of the malware including detection methods, indicators of compromise and mitigations.

Assistance

The ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1.

Content complexity
Moderate
This rating relates to the complexity of the advice and information provided on the page.
Was this information helpful?

Thanks for your feedback!

 
Optional

Tell us why this information was helpful and we’ll work on making more pages like it

Icon for ReportReport a cyber security incident for critical infrastructure Icon for becoming a alertsGet alerts on new threatsAlert Service Become anACSC partner Icon for reportingReport a cybercrime or cyber security incident
Acknowledgement of Country icon
Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.
Authorised by the Australian Government, Canberra