AvosLocker Ransomware Strikes Critical Infrastructure

  • By Patrick Ryan
  • Mar 25, 2022

The ransomware attacks launched by AvosLocker are taking a toll on the United States’ critically important infrastructure. The attacks are serious enough to warrant attention from the FBI. FBI representatives state affiliates of the ransomware operation are using a litany of digital attacks to compromise targets and possibly posing a threat to national security.  

The FBI recently created a cybersecurity advisory with the assistance of the Treasury Department to detail AvosLocker attacks. The advisory alerts companies in a wide array of sectors about the ransomware group’s tactics and touches on lines of defense against the digital threat.

What is AvosLocker all About?

AvosLocker is best described as a potent ransomware-as-a-service operation. The operation has compromised victims spanning a plethora of the country’s critical infrastructure sectors.

Which Sectors Does AvosLocker Target?

AvosLocker is zeroing in victims within important sectors that are fundamental to the operation and success of the United States economy. AvosLocker targets sectors ranging from government to manufacturing, financial services, and beyond.  

Why is AvosLocker Considered a Ransomware-as-a-Service Program?

AvosLocker’s operations are labeled with the acronym of RaaS as its hackers create malware that is crypto locking. The operation also recruits affiliates who employ malicious code to infiltrate targeted computers.  

AvosLocker publishes and hosts the information stolen from victims after its affiliates successfully infiltrate targeted computers, servers, and other devices. The affiliate typically receives about 75% of the ransom money. The remainder of the money is provided to AvosLocker.  

What is an Example of an AvosLocker Attack?

AvosLocker attacks first zeroed in on comparably small firms back in the summer of 2021. The hackers focused on small businesses, including law firms, real estate companies, and logistics businesses based in the United States, Europe, and the United Kingdom. The hacking collective initially restricted ransom payments to monero cryptocurrency.

Fast forward to the winter of 2021, and AvosLocker was implementing ransomware attacks through a network of affiliates. The group has even gone as far as displaying interest in purchasing access to private networks on dark web discussion forums.

AvosLocker attacks are inconsistent as the group outsources digital infiltrations through affiliates. However, some compromised targets have traced the group’s attacks to initial exploits within Microsoft Exchange email server weaknesses that allow unauthorized access to the internal network. AvosLocker attacks are also characterized by software of the adversary-simulation variety, the swapping of encrypted files, and the encoding of PowerShell scripts.  

Who is AvosLocker Targeting Now?

Digital security researchers indicate AvosLocker has expressed interest in obtaining access to the private networks of businesses with revenue in excess of $50 million per year as those businesses are most likely to pay the requested ransom. However, some of AvosLocker’s affiliates are still likely to target comparably small businesses as their digital defenses aren’t as robust as those of multinational corporations.

Is It Prudent to Pay the Requested Ransom?

There is no easy answer to this question. Victims who refuse to pony up the AvosLocker ransom face the prospect of their private data being leaked on the internet. The stolen data is slowly leaked to the public, little by little, to convince the target to pay the ransom.  

AvosLocker hackers pick up the phone and directly contact representatives of the targeted business to discuss ransom payments. This potential nightmare scenario should be motivation enough to upgrade your digital defenses before your business becomes the next ransomware statistic.


 

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “Alien ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

Flagstar Bank Breach Impacts More Than a Million Customers

Flagstar Bank Breach Impacts More Than a Million Customers

Flagstar Bank is in the news for the wrong reason. The bank recently publicized the fact that it discovered a digital breach.

Weekly Recap June 24 2022

Weekly Recap June 24 2022

We are nearly halfway through 2022. News stories detailing hacks and other digital breaches continue to roll in on a daily basis.

Cybercrime Related to Travel Soars at the Year’s Halfway Point

Cybercrime Related to Travel Soars at the Year’s Halfway Point

There has been a significant spike in tourism following the gradual decline of the coronavirus pandemic.  The increase in travel has caught the attention of digital miscreants looking to scam tourists as well as travel services providers.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.