Avaddon ransomware group targeted Asia-based insurer AXA with DDoS attacks and ransomware just a week after the insurance company announced it was dropping support for ransomware payments in France.
Just a week after announcing it would no longer cover ransomware payments in France, global insurance company AXA has been hit with a targeted ransomware attack. The Avaddon ransomware group took credit for the attack, telling Bleeping Computer that it also launched a DDoS attack against the insurer’s websites in Thailand, Malaysia, Hong Kong, and the Philippines as added pressure to pay the ransom amount. In addition, the group claims that it stole 3 TB of data, which it plans to start leaking to the public if AXA does not pay within 10 days. The data include customer medical reports, claims, payments, bank account info, ID cards, passports, and more.
“This is a clear example of cybercriminal gangs ‘defending’ their business model,” commented Avast Security Evangelist Luis Corrons. “If companies didn’t pay, there would be no ransomware attacks. It’s as easy as that. AXA supports that idea, and the criminals didn’t like that, which is why they attacked.” AXA commented to Bleeping Computer that the only information compromised was data from the Thailand office.
Herff Jones data breach affects college students
U.S. cap and gown provider Herff Jones suffered a data breach, which was discovered only when college students who purchased graduation materials from the company in the last month complained on social media about fraudulent charges on their credit cards. The victims quickly realized that their common denominator was Herff Jones. Each complaint was for a different amount, usually ranging between $80 and $1,200, but one student claimed a friend of theirs was charged $4,000. On May 12, Herff Jones issued a statement acknowledging the data breach, saying “We sincerely apologize to those impacted by this incident. We are working diligently to identify and notify impacted customers.” For more, see Bleeping Computer.
Ransomware gangs go deeper underground
After President Biden hinted in a press conference that the U.S. would take action against ransomware gangs, many such gangs have made announcements that they are either disbanding or going private. Biden’s comments were triggered by the Colonial Pipeline ransomware incident, which temporarily halted all petroleum operations to 45% of the eastern United States last week. Following Biden’s comments, three major hacking forums changed their policies to no longer allow ransomware threads or advertisements. Darkside, the group responsible for the Colonial Pipeline attack, was the first to abandon their operations. Read more at The Record.
U.S. cybercrime complaints increase over 100% in 14 months
The FBI’s Internet Crime Complaint Center (IC3) reported that between March 2020 and May 2021, cybercrime complaints increased by 1 million. Previously, it had taken over 29 months to reach a million complaints, but that same amount was achieved in less than half the time since the pandemic started. The FBI attributes the spike in complaints to cybercriminals taking advantage of people working from home, in addition to the rise of COVID-themed scams. In its Internet Crime Report 2020, the FBI lists the top 3 crimes of the year as phishing scams, non-payment/non-delivery scams, and extortion.
Android 12 promises more privacy controls
Google announced this week that one of the features of its new mobile OS Android 12, set for release this fall, is a Privacy Dashboard. According to The Record, this new feature supposedly aggregates all permissions into one section. Google commented that it will give users “a simple and clear timeline view of the last 24 hour accesses to location, microphone and camera.” A few other new security features include indicators that the camera and/or the microphone are in use. Apple’s iOS 14 already does this, using a colored dot. Android will use camera and microphone icons. Also like iOS 14, Android will allow “approximate location” to be shared instead of the precise address.
This week’s ‘must-read’ on The Avast Blog
Have you noticed that QR codes are suddenly everywhere? Well, it might surprise you that they've actually been around since 1994. Why are they only now appearing on everything from packaging to menus? Keep reading to find out why it took a pandemic to make QR codes relevant.
Join Avast's Avast's Christopher Budd at the National Council on Aging's Age+Action Conference to learn how to protect elders from tech support scams.
The Microsoft Exchange patches have led to exploitation of major vulnerabilities. What all small and medium sized businesses (SMBs) need to do immediately.