Avaddon Ransomware

Australian Cyber Security Centre

The ACSC has seen a number of organisations that have been impacted by ransomware activity from the Avaddon group within Australia. This targeting has occurred across multiple industry sectors. In addition to encryption of data, victims are threatened with the publication of stolen data, as well as Distributed Denial of Service against their network.

The ACSC has provided analysis of the malware including detection methods, indicators of compromise and mitigations.


The ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1.

/Public Release. This material comes from the originating organization and may be of a point-in-time nature, edited for clarity, style and length. View in full here.