Avos, also known as AvosLocker, is a financially motivated ransomware-as-a-service (RaaS) group that first emerged in June 2021. Operating as an affiliate-based model, AvosLocker quickly established itself by offering a profit-sharing scheme to cybercriminals, where the core operators handle negotiations and data leaks. The group initially focused on Windows systems but expanded its capabilities to include Linux variants, notably targeting VMware ESXi environments. A distinguishing characteristic of AvosLocker is its aggressive double extortion strategy, which involves not only encrypting victim data but also exfiltrating it and threatening to publish it on a dedicated leak site. The group has been observed making direct phone calls to victims and, in some instances, threatening Distributed Denial of Service (DDoS) attacks to compel ransom payment. This tactic of directly engaging and pressuring victims sets it apart from many other RaaS operations.

Paises afectados

Sectores atacados

URLs nuevas detectadas en IntelTracker