AvosLocker is a ransomware-as-a-service (RaaS) group that emerged in mid-2021, recruiting affiliates to deploy its ransomware. The group is financially motivated and employs a double-extortion model: it encrypts victim files and exfiltrates data, threatening to leak or auction the data on its dedicated Tor-based leak sites if ransom demands are not met. What distinguishes AvosLocker is its tactic of restarting victim machines into safe mode to bypass security defenses, and its unique approach to monetizing stolen data through an auctioning system. While not as prominent as some other major ransomware groups, AvosLocker has continuously evolved its operations, expanding from primarily targeting Windows systems to include Linux and VMware ESXi environments.
MITRE techniques
T1095, T1555, T1070, T1102, T1090, T1036
Related CVEs
CVE-2021-34523, CVE-2021-34473, CVE-2021-31207
RansomLook pivots
Data, intelligence and external references for cross-checking the actor's ransomware activity.
United Arab Emirates, Argentina, Austria, Australia, Belgium, Brazil, Canada, Switzerland, China, Colombia
Sectors attacked
Healthcare (1)
Target sectors (SOCRadar)
Construction of Buildings, Food Manufacturing, Other Information Services, Credit Unions, Software Publishers, Real Estate, Hospitals, Accommodation, Manufacturing, Construction