Dissecting Avaddon to Find Additional Attacks
Avaddon is a new “Ransomware-as-a-Service” (RaaS) malware that uses an affiliate revenue system as part of how this threat group achieves its financial goals. Avaddon is being actively advertised on various cybercriminal forums and has been associated with recent massive email spam campaigns for its distribution. It uses a double-extortion model—they encrypt your files but also threaten to expose them if you don’t pay.
Join Randy Frankly Smith and Tim Helming, Security Evangelist from our sponsor DomainTools, to explore how starting with just a single domain name, we can move on to exploring infrastructure and wider activities of the group behind Avaddon. We will show you how, as a defender, you can not only lock down against the current threat but against related ones as well.
In this webinar you will learn how:
- The initial Avaddon attack works
- You can maximize your opportunity as a defender in ransomware attacks
- To explore malicious infrastructure starting with a single indicator