Cybersecurity researchers at Blackpoint Cyber have uncovered a previously undocumented modular malware framework codenamed Avalon, which is distributed via a multi-stage phishing chain capable of bypassing traditional security controls. The attack begins with a spoofed legal document email directing recipients to a password-protected archive on Proton Drive. Malicious content is embedded inside an ISO image to reduce detection at the email layer.
If the recipient opens a document-themed Windows Shortcut inside the mounted image, it triggers a staged malware sequence culminating in the deployment of Avalon. The shortcut runs a command that launches an MSBuild project; the project loads an embedded .NET assembly, which interferes with Event Tracing for Windows (ETW) to reduce forensic visibility and downloads a next-stage payload over HTTPS.
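As an added defender-side example (not code from Blackpoint Cyber's report), the following Python sketch flags the MSBuild launch step of the chain above in process-creation telemetry: MSBuild started by a non-build parent such as explorer.exe or cmd.exe with a project file that sits on a mounted-image drive or in a user-writable folder. The event records, the set of legitimate build parents and the "only C: is a fixed drive" assumption are constructed for the example and should be tuned to the estate.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class ProcEvent:
    """Minimal process-creation record (Sysmon Event ID 1 style fields)."""
    image: str          # image path of the created process
    command_line: str
    parent_image: str

MSBUILD_IMAGE = re.compile(r"\\msbuild\.exe$", re.IGNORECASE)
# Parents that normally drive MSBuild on a developer workstation (assumption; tune per estate).
BUILD_PARENTS = {"devenv.exe", "dotnet.exe", "msbuild.exe", "vbcscompiler.exe", "code.exe"}
# First project-file style argument on the command line.
PROJECT_ARG = re.compile(r'"?([A-Z]:\\[^"\s]+?\.(?:proj|csproj|vbproj|xml|targets))"?', re.IGNORECASE)
# User-writable staging locations a phishing chain typically lands in.
USER_PATHS = re.compile(r"\\Users\\[^\\]+\\(?:AppData|Downloads|Desktop|Documents)\\|\\Temp\\", re.IGNORECASE)

def on_non_system_drive(path: str, system_drives=("C:",)) -> bool:
    """Heuristic: a project file outside the known fixed drives is consistent with
    a mounted ISO (assumption: the host's fixed-drive inventory is known)."""
    return path[:2].upper() not in system_drives

def classify(ev: ProcEvent) -> Optional[str]:
    """Return the matched signals when the event fits the LNK -> MSBuild pattern, else None."""
    if not MSBUILD_IMAGE.search(ev.image):
        return None
    parent = ev.parent_image.rsplit("\\", 1)[-1].lower()
    m = PROJECT_ARG.search(ev.command_line)
    project = m.group(1) if m else ""
    reasons = []
    if parent not in BUILD_PARENTS:
        reasons.append(f"parent={parent}")
    if project and on_non_system_drive(project):
        reasons.append(f"project on non-system drive {project[:2].upper()}")
    if project and USER_PATHS.search(project):
        reasons.append("project in user-writable path")
    # Require two independent signals so ad-hoc developer builds do not page anyone.
    return "; ".join(reasons) if len(reasons) >= 2 else None

def scan(events: List[ProcEvent]) -> List[str]:
    return [r for r in map(classify, events) if r]

SAMPLE_EVENTS = [  # constructed records, not real telemetry
    ProcEvent(r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe",
              r'MSBuild.exe "E:\Legal_Notice\doc.xml"', r"C:\Windows\System32\cmd.exe"),
    ProcEvent(r"C:\Program Files\Microsoft Visual Studio\MSBuild\Current\Bin\MSBuild.exe",
              r'MSBuild.exe "C:\src\app\app.csproj"', r"C:\Program Files\Microsoft Visual Studio\devenv.exe"),
    ProcEvent(r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe",
              r"MSBuild.exe C:\Users\alice\Downloads\invoice.proj", r"C:\Windows\explorer.exe"),
]
```

Running `scan(SAMPLE_EVENTS)` flags the first and third records and passes the Visual Studio build; ETW-tamper and outbound HTTPS signals from the same process tree would raise confidence further.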
Avalon boasts an extensive defense evasion subsystem, incorporating methods to conceal execution from security tools associated with Microsoft Defender, SentinelOne, CrowdStrike, Sophos, Elastic Endpoint, FortiEDR, ESET, McAfee, and Bitdefender. The framework harvests credentials, cookies, history, and bookmarks from Chromium-based browsers and Mozilla Firefox, gathers data from cryptocurrency wallet apps like MetaMask, Phantom, Coinbase Wallet, Exodus, Electrum, Atomic Wallet, Ledger Live, and Bitcoin Core, along with Discord, Slack, Teams, OpenVPN, WireGuard, and Windows Credential Manager. It also collects details about SSH known hosts, saved RDP connections, Wi-Fi profiles, and Group Policy Preferences cpassword artifacts.
Data is exfiltrated to a remote server (helloxcherry[.]com), which the implant then polls for tasking commands. The ransomware component, internally named CrownX, encrypts files associated with business operations, software development, engineering, data storage, and virtual infrastructure using the Windows Cryptography API; delivers a ransom note with payment instructions and deadline timers; inhibits system recovery by terminating the Volume Shadow Copy Service and deleting shadow copies; removes traces of its artifacts with an anti-forensic cleanup subsystem; and directly interacts with disk structures to damage partition information, boot records, or other critical areas, rendering the system unusable.
Avalon shows signs of AI-assisted development, lowering the barrier to entry for malware development. The disclosure also highlights an agentic ransomware infection driven by a large language model (codenamed JADEPUFFER) and an AI malware that combines a Telegram bot with a public LLM API to devise a codeless attack.
CVEs: CVE-2025-3248, CVE-2026-55200, CVE-2026-46817
Attack groups: JADEPUFFER
Companies: Blackpoint Cyber, Microsoft, SentinelOne, CrowdStrike, Sophos, Elastic, Fortinet, ESET, McAfee, Bitdefender, Palo Alto Networks, Sysdig
Products: Microsoft Defender, SentinelOne, CrowdStrike Falcon, Sophos Intercept X, Elastic Endpoint Security, FortiEDR, ESET Endpoint Security, McAfee Endpoint Security, Bitdefender GravityZone, Proton Drive, MetaMask, Phantom
Original source: thehackernews.com