The Federal Bureau of Investigation (FBI) warns of AvosLocker ransomware being used in attacks targeting multiple US critical infrastructure sectors.
This was disclosed in a joint cybersecurity advisory published this week in coordination with the US Treasury Department and the Financial Crimes Enforcement Network (FinCEN).
AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors, the FBI said.
As a result, AvosLocker indicators of compromise (IOCs) vary between indicators specific to AvosLocker malware and indicators specific to the individual affiliate responsible for the intrusion.
The advisory provides network defenders with indicators of compromise (IOCs) they can use to detect and block AvosLocker ransomware attacks.
AvosLocker first surfaced during the summer of 2021, promoting their Ransomware-as-a-Service (RaaS) operation on underground forums and calling for ransomware affiliates to join them.