AvosLocker ransomware – what you need to know
What is this AvosLocker thing I’ve heard about?
AvosLocker is a ransomware-as-a-service (RaaS) gang that first appeared in mid-2021. It has since become notorious for its attacks targeting critical infrastructure in the United States, including the sectors of financial services, critical manufacturing, and government facilities.
In March 2022, the FBI and US Treasury Department issued a warning about the attacks.
So I only have to worry if I work for an organisation related to US critical infrastructure?
I’m afraid not. The group’s leak site on the dark web lists victims around the world, including the United Kingdom, Germany, Canada, China, Spain, Belgium, Turkey, UAE, Syria, Saudi Arabia, and Taiwan. Many of the attacks will have been undertaken by other criminals who are working with the AvosLocker group as affiliates.
Why would anyone want to become an affiliate of a ransomware gang?
If you have no morals about breaking the law then it’s a way to make money through ransomware without having to go to all the effort of actually coding the malware, or creating the infrastructure to extort a ransom out of your victims.
The AvosLocker website, located on the dark web, describes it as their “Partnership Program” and says the group can provide “consultancy on operations”, “assistance in negotiations”, “highly configurable builds” of the malware, and even access to a “diverse network of penetration testers, access brokers and other contacts.”
Why would access to a network of other criminals and hackers be useful?
Well, they’re the ones who might help you find a way into an organisation to plant the ransomware.
Nasty. This really is organised cybercrime isn’t it?
Absolutely.
And if you don’t pay up, they’ll sell or leak the data they’ve stolen from your network?
Yes. It’s not original, but it’s a highly effective way of (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Graham Cluley. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/avoslocker-ransomware-what-you-need-to-know/