Avaddon ransomware group, one of the most prolific ransomware groups in 2021, has announced that they are shutting the operation down and giving thousands of victims a decryption tool for free.

BleepingComputer’s Lawrence Abrams said he was sent an anonymous email with a password and link to a ZIP file named, “Decryption Keys Ransomware Avaddon.”

The file had decryption keys for 2,934 victims of the Avaddon ransomware. The startling figure is another example of how many organizations never disclose attacks, as some reports have previously attributed just 88 attacks to Avaddon.

Abrams worked with Emsisoft chief technology officer Fabian Wosar and Coveware’s Michael Gillespie to check the files and verify the decryption keys. Emsisoft created a free tool that Avaddon victims can use to decrypt files.

Ransomware gangs — like those behind Crysis, AES-NI, Shade, FilesLocker, Ziggy — have at times released decryption keys and shut down for a variety of reasons. A free Avaddon decryption tool was released by a student in Spain in February but the gang quickly updated their code to make it foolproof again.

“This isn’t new and isn’t without precedence. Several ransomware threat actors have released the key database or master keys when they decide to shut down their operations,” Wosar told ZDNet.

“Ultimately, the key database we obtained suggests that they had at least 2,934 victims. Given the average Avaddon ransom at about $600,000 and average payment rates for ransomware, you can probably come up with a decent estimate of how much Avaddon generated.”

Wosar added that the people behind Avaddon had probably made enough money doing ransomware that they had no reason to continue.

According to Wosar, ransom negotiators have been noticing an urgency when dealing with Avaddon operators in recent weeks. Negotiators with the gang are caving “instantly to even the most meager counter offers during the past couple of days.”

“So this would suggest that this has been a planned shutdown and winding down of operations and didn’t surprise the people involved,” Wosar explained.

Data from RecordedFuture has shown that Avaddon accounted for nearly 24% of all ransomware incidents since the attack on Colonial Pipeline in May. An eSentire report on ransomware said Avaddon was first seen in February 2019 and operated as a ransomware-as-a-service model, with the developers giving affiliates a negotiable 65% of all ransoms.

“The Avaddon threat actors are also said to offer their victims 24/7 support and resources on purchasing Bitcoin, testing files for decryption, and other challenges that may hinder victims from paying the ransom,” the report said.

“What’s interesting about this ransomware group is the design of its Dark Web blog site. They not only claim to provide full dumps of their victims’ documents, but they also feature a Countdown Clock, showing how much time each victim has left to pay. And to further twist their victims’ arms, they threaten to DDoS their website if they don’t agree to pay immediately.”

DomainTools

The group has a lengthy list of prominent victims that include Henry Oil & Gas, European insurance giant AXA, computer hardware company EVGA, software company Vistex, insurance broker Letton Percival, the Indonesian government’s airport company PT Angkasa Pura I, Acer Finance and dozens of healthcare organizations like Bridgeway Senior Healthcare in New Jersey, Capital Medical Center in Olympia, Washington and others.

The gang made a note of publishing the data stolen during ransomware attacks on its dark web site, DomainTools researcher Chad Anderson told ZDNet last month.

Both the FBI and the Australian Cyber Security Centre released notices last month warning healthcare institutions about the threat of Avaddon ransomware.

Australian Cyber Security Centre

The notice said “Avaddon threat actors demand ransom payment via Bitcoin (BTC), with an average demand of BTC 0.73 (approximately USD $40,000) with the lure of a decryption tool offered (‘Avaddon General Decryptor’) if payment is made.”

The group was also implicated in multiple attacks on manufacturing companies across South America and Europe, according to the Australian Cyber Security Centre.

Cybersecurity firm Flashpoint said that alongside REvil, LockBit, and Conti, Avaddon was one of the most prolific ransomware groups currently active.

Digital Shadows’ Photon Research Team told ZDNet in May that a forum representative for the Avaddon ransomware took to the Exploit forum to announce new rules for affiliates that included bans on targeting “the public, education, healthcare, and charity sectors.”

The group also banned affiliates from attacking Russia or any other CIS countries. US President Joe Biden is expected to press Russian President Vladimir Putin on ransomware attacks at a summit in Geneva on June 16.

“This isn’t new and isn’t without precedence. Several ransomware threat actors have released the key database or master keys when they decide to shut down their operations,” Wosar told ZDNet.

Source: https://www.zdnet.com/article/avaddon-ransomware-group-closes-shop-sends-all-2934-decryption-keys-to-bleepingcomputer/

Much of the spending that was put aside in 2020 was pushed back to 2021 instead, and smartphone sales are now booming.

Westend61 / Getty Images

Smartphone users are showing a keen interest in buying new handsets after a year marked by sinking sales. New analysis published by Gartner reveals that the industry is already seeing double-digit growth and showing signs of speedy recovery.

In the first quarter of 2021, global smartphone sales reached almost 378 million shipments – a 26% increase compared the same time last year, according to Gartner.

Consumers have remained cautious in their spending during much of 2020, while the COVID-19 pandemic created on-going economic uncertainty. This caused smartphone sales to decline 12.5% last year, but much of the spending that was put aside in 2020 was pushed back to 2021 instead.

“Consumers started spending on discretionary items as the pandemic situation improved in many parts of the world and markets opened up,” said Anshul Gupta, senior research director at Gartner. “However, one cannot ignore that the base for comparison is also lower in 2020, than it was in 2019. That explains the double-digit growth.”

Apple and Samsung continue to dominate the market, with Samsung over-taking Apple this quarter with a 20.3% share, leaving the Cupertino giant with just over 15% of the market.

The two companies have been chasing each other for years and are widely expected to continue to do so in the months to come. At the end of last year, for example, the dynamic was inverted: Apple overtook Samsung in the last quarter to own over 20% of the market, while Samsung claimed a 16.2% share.

This was largely due to Apple’s launch of the 5G iPhone 12, which contributed to boosting the company’s sales to hit 80 million devices in the last months of 2020 – a teaser of the growth to come to the remainder of the industry at the start of 2021.

Analysts have long anticipated that Apple’s new 5G-enabled handset would trigger a “supercycle“, generating more consumer interest in faster speeds and encouraging smartphone owners to upgrade their devices.

The uptake of 5G smartphones will boost the entire industry: much of Samsung’s recent growth, for instance, can be attributed to the early shipping of the company’s flagship 5G phones; and Gartner’s analysts expect that 5G-enabled devices will constitute 35% of total smartphone sales in 2021.

Apple, in particular, is expected to reap major financial benefits from this new supercycle. In a separate report, analysts from Juniper Research found that despite the Cupertino giant selling less than 20% of the total devices shipped, Apple will be bringing in nearly 40% of the value of sales in the next few years due to the higher price point of iPhones.

In 2022, estimate the analysts, the smartphone market will be worth $560 billion, of which Apple will be bringing in over $200 billion.

The trend is unlikely to reverse, since the cost of Apple’s devices is only expected to increase in the following years while Android devices become cheaper. According to the report, by 2024 the average selling price for an iOS device will stand at $700 globally, compared to just over $200 for Android.

iOS users, however, won’t shy away from costly devices. This is because the company has succeeded at convincing a loyal base of customers to consistently upgrade to more expensive devices thanks to a curated ecosystem of software and hardware that has no equivalent in other vendors.

Case in point: the company’s XR and XS models, which are priced $750 and above, are among the most popular of Apple’s smartphones upon release, noted Juniper’s analysts.

It will take extra work for Android manufacturers, therefore, to lure users into buying their premium handsets. Juniper’s researchers pointed to various features that could help do the trick, ranging from foldable form factors to camera quality, through biometrics-based security and, of course, 5G connectivity.

But even that might not be enough. To compete against Apple’s long-established brand reputation is likely to be a challenge that even feature diversification won’t solve.

“The most successful smartphone providers have moved beyond bringing consumers in because of their features. They are brought in and retained because of the brand, rather than because of what things phones do necessarily,” James Moar, who co-authored Juniper’s report, tells ZDNet. “iOS has an advantage here because it has its own self-contained ecosystem, whereas the Android ecosystem is open to many vendors, who generally have a weaker individual brand identity.”

Moar, therefore, recommends that smaller vendors expand their marketing spend to increase awareness of the brand, which few vendors have done on an international scale to date.

With Apple’s sales projected to soar over the next few months, it will take a serious dose of innovation for smaller players to make a dent in the market. For consumers, however, it might mean better devices that will make the upgrade all the more tempting.

Source: https://www.zdnet.com/article/smartphones-sales-are-finally-booming-and-apple-is-all-set-to-win-big-say-researchers/

From July, all national vaccination program providers will be required to report, where practicable, within 24 hours and no later than 10 days when a vaccination has been given to an individual in Australia.

The database, the Australian Immunisation Register (AIR), is maintained by Services Australia on behalf of the Department of Health.

Providers can upload the vaccination information via an online portal, either directly or through software they use at their practice that is integrated into the AIR. It uses an individual’s Medicare number for identification and linking.

There are no penalties for failure to upload the information.

When parading the availability of a sort-of “vaccination passport” around COVID-19 jabs in February, former Minister for Government Services Stuart Robert said the record would “form the basis of the vaccination certificate that all Australians will be able to use” and that the certificate is available right now.

Facing Senate Estimates on Friday night, Services Australia CEO Rebecca Skinner clarified what Robert actually meant.

“At the moment, everyone has an immunisation history statement. If you have a myGov account, and you have linked your myGov account with Medicare, you can either look at your immunisation history statement through myGov or you can look at it through the Medicare Express Plus app,” she said.

“Back when he was talking about that, earlier in the year, you could see your immunisation history statement. We then made some minor upgrades to that to add some more features, like a watermark, and a statement about whether you’d had your COVID vaccine, you’d had one shot … [if] you had two shots, you’d have a big green tick on your immunisation history statement.”

An “immunisation history statement” is available already; the COVID vaccine certificate is set to come in the next week, but only for those who have received two shots. As of Friday night, that was around 690,000 individuals.

“Some of those people might even be able to see that certificate by the end of the week,” she said.

The idea behind this, the agency said, was to avoid exposing everything else an individual has ever been vaccinated against.

“We’ve been on a journey, through the year, just doing small releases to bring a digital sort of record and then into a certificate,” Skinner said, noting while the certificate is currently just for COVID-19 vaccinations, further jabs may have the capability eventually.

My Health Record also has vaccination information, pulled in via the AIR, available.

Services Australia representatives were asked why Robert said the digital certificate could be viewed online after an individual received their first dose if that was incorrect.

“I think what Minister Robert was referring to was that you could, at that particular point in time, view your vaccination through the immunisation history statement,” Jarrod Howard from the agency’s health programs arm explained.

“As of this weekend, the COVID digital certificate will be available … it’s been a bit of a journey that Minister Robert would have known that we were on, but at that particular point in time, you would have been able to see it through the immunisation history statement.”

RELATED COVERAGE

Australia pins clearer idea of who got vaccinated on new portal

More than 100 days since Australia’s vaccine rollout started, the federal government is launching a portal that will provide information on who exactly has received the jab.

Services Australia rebuilds immunisation register with IBM in wake of COVID

IBM Hybrid Cloud has been selected to prepare the Australian Immunisation Register ahead of COVID-19 vaccination rollout.

Vaccination smartphone ‘passport’ to log Aussie COVID-19 jabs

It will provide a record of vaccination that can be available on a smartphone or as a print out from Services Australia.

When parading the availability of a sort-of “vaccination passport” around COVID-19 jabs in February, former Minister for Government Services Stuart Robert said the record would “form the basis of the vaccination certificate that all Australians will be able to use” and that the certificate is available right now.

Source: https://www.zdnet.com/article/covid-19-vaccine-digital-certificate-coming-this-week-for-australians/