{"version":"1.0","provider_name":"Infoblox Blog","provider_url":"https:\/\/www.infoblox.com\/blog","author_name":"Infoblox Threat Intel","author_url":"https:\/\/www.infoblox.com\/blog\/author\/infoblox-threat-intel\/","title":"New Ransomware: Avaddon","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"6aLK5kyQrR\"><a href=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/\">New Ransomware: Avaddon<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/new-ransomware-avaddon\/embed\/#?secret=6aLK5kyQrR\" width=\"600\" height=\"338\" title=\"&#8220;New Ransomware: Avaddon&#8221; &#8212; Infoblox Blog\" data-secret=\"6aLK5kyQrR\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/\/# sourceURL=https:\/\/www.infoblox.com\/blog\/wp-includes\/js\/wp-embed.min.js\n\/* ]]> *\/\n<\/script>\n","thumbnail_url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/Spooks-and-Spys.jpg","thumbnail_width":660,"thumbnail_height":454,"description":"On 9 June, Infoblox detected a malicious spam (malspam) campaign delivering a new \u201cRansomware-as-a-Service\u201d (RaaS) malware known as Avaddon. It uses an affiliate revenue system where threat actors can sign up as affiliates and start using the ransomware for no initial fee, but in exchange they must give the author a percentage of their profits"}