AvosLocker group is targeting US critical infrastructure, FBI says

The AvosLocker ransomware has targeted multiple victims across the country, according to the joint advisory [PDF] issued late last week by the FBI, Treasury Department and Financial Crimes Enforcement Network.
Palo Alto Networks' Unit 42 researchers in July 2021 wrote about an advertisement they saw on Dread, which they described as a "Reddit-like dark web discussion forum," for a new RaaS called AvosLocker, outlining features of the ransomware and letting affiliates who leverage the malware know that AvosLocker operators would handle the negotiation and extortion practices.
The group behind AvosLocker - dubbed "Avos" - also was seen trying to recruit people on the Russian forum XSS. Initially the ransomware targeted Windows-based machines, but Ghanshyam More, principal researcher at cybersecurity firm Qualys, wrote in a blog post earlier this month that a new variant of AvosLocker was seen attacking Linux systems.
In outlining the technical details of this AvosLocker group, the US agencies noted that the ransomware encrypts files on a victim's server and renames them with an ".
"Each of these ransomware groups uses unique victim identifiers to offer negotiation and 'support' while the victim tries to recover their data," Trend Micro researchers wrote in a blog post last year.
The public leak site lists victims of the ransomware as well as a sample of data allegedly stolen from the victim's network, giving organizations further proof of compromise.