forked from LexusWang/Aurora-demos
Avaddon Ransomware Ranks in Top 10 of June Threat Landscape
As the annual national college entrance examination concluded, newly emerged ransomware families demonstrated alarming momentum in June. According to 360 Security Brain monitoring, traditional ransomware families such as GlobeImposter, Phobos, and Crysis maintained dominance with a combined 60.78% of infections, while the Avaddon ransomware rose into the Top 10 rankings shortly after its initial detection on June 4. This new threat initially appended the .advn extension to encrypted files before adopting Sodinokibi-style random suffixes. Avaddon is distributed under a RaaS (Ransomware-as-a-Service) model and leverages the Phorpiex botnet's multiple propagation capabilities, including removable media infection, spam campaigns, and credential brute-forcing. It appeared on dark web markets on June 3 and began spreading in the wild within 24 hours. Desktop infection rates increased by 4.68% month-over-month, partially attributable to Avaddon's activity.

Meanwhile, the veteran Crysis family unexpectedly introduced variants that integrate system reconnaissance tools for antivirus detection monitoring and storage device enumeration. The YourFilesEncrypted V3.3 variant emerged as malware that uses the .flybox extension and masquerades as crack tools, demanding a ransom of only 0.009 Bitcoin from individual targets. Fortunately, 360 Decryption Master successfully cracked it upon discovery. Windows 7 and Windows 10 remained the primary infection targets, while MSSQL weak-password attacks showed unusual volatility, with two surges early in the month.

360 Security Brain's countermeasures proved effective: in June its decryption toolkit expanded support to Cobra (.cobra), FileCry (.filecry), YourFilesEncrypted (.flybox), and some Sodinokibi variants. Cumulative statistics since November 2019 show more than 32,000 devices assisted, 85 million files decrypted, and 547 million yuan in losses prevented.