Attacks against critical infrastructure sectors in the US continue to rise. The AvosLocker ransomware gang has been linked to several of these attacks in the last 6 months. The ransomware strain first emerged in 2021 and has only gotten more sophisticated since. It can now disable antivirus protection to evade detection. Although ransomware attacks are common, the extent to which AvosLocker affiliates target critical infrastructure sectors raises new concerns over disruptions.

AvosLocker ransomware affiliates are known to use legitimate software and open-source code for remote system administration to compromise enterprise networks and exfiltrate data from them. AvosLocker is a type of ransomware-as-a-service (RaaS). The RaaS model and the ready availability of leaked ransomware code have lowered the barrier to entry for even novice criminals, making ransomware a lucrative avenue for illicit profits.

Like many other ransomware strains of this type, AvosLocker relies on exfiltration-based data extortion, with affiliates threatening to release the stolen data. AvosLocker affects Windows, Linux, and VMware ESXi environments.

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing a joint Cybersecurity Advisory (CSA) in response to new discoveries. This is part of the ongoing #StopRansomware campaign, which offers providers network defense information and resources to counter threats, including known IOCs and tactics, techniques, and procedures (TTPs).

Cybercriminals continue to look for new and innovative ways to infiltrate organizations, and AvosLocker will not be the last new ransomware strain we see. As threats continue to grow and evolve, you need to understand what your organization is up against in order to defend against them. Not sure where to start? No worries. Let the expert team at 2W Tech help you evaluate your security solutions stack and help ensure you are best protected from outside threats.
