Avaddon ransomware gang has breached the France-based financial consultancy firm Acer Finance.

Avaddon ransomware gang made the headlines again, the cybercrime gang has breached the France-based financial consultancy firm Acer Finance.

Acer Finance operates as an investment management company. The Company offers risk management, mutual funds, analysis, financial planning, and advisory services. Acer Finance serves individuals, entrepreneurs, and institutional investors in France.

The Avaddon ransomware gang is giving Acer Finance 240 hours to communicate and cooperate with them before start leaking the stolen valuable company documents. 

Avaddon Acer Finance

The ransomware gang claims to have stolen confidential company information about clients and employees.

“You can congratulate us on the successful attack on the company, we also have about a lot of confidential information of clients, a lot of confidential information of employees, banking, personal correspondence, contracts, agreements, forms of payment, a lot of data from the secretariat, licenses and much more.” reads the statement published by the group on its leak site.

The hackers pointed out that there is no way to decrypt data without their decryptor, they also threatened the company to target it with a DDoS attack in case they will refuse to pay the ransom.

As proof of the hack, the group published several ID cards, personal documents, contracts, and a screenshot of the folders containing stolen data.

Avaddon Acer Finance 2

The group also announced to have hacked the Asian branch of Axa and stole three terabytes of data

It is curious that recently Axa announced that in France it will no longer reimburse ransomware payments for its customers. The decision is the result of the increased number of ransomware attacks and the large ransom demanded by cybercriminals.

Last week, the Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) warned of an ongoing Avaddon ransomware campaign targeting organizations worldwide in multiple industries, including government, finance, energy, manufacturing, and healthcare.

The alert published by the ACSC provides a list of countries under attack which includes the US, UK, Germany, France, China, Italy Brazil, India, UAE, France, and Spain.

[출처 : SecurityAffairs / 5.16.]