"AvosLocker Ransomware Striking Critical Infrastructure Targets"

Several US authorities have released a new alert warning of the threat to critical infrastructure (CNI) providers from the AvosLocker ransomware group.  The ransomware-as-a-service affiliate operation is targeting financial services, manufacturing and government entities, as well as organizations in other sectors.  Victims are from all over the globe, including the US, Syria, Saudi Arabia, Germany, Spain, Belgium, Turkey, the United Arab Emirates, the UK, Canada, China, and Taiwan.  The advisory stated that double extortion is a common tactic used by affiliates to force payment, but some groups using the malware variant have taken an even more hands-on approach.  In some cases, AvosLocker victims receive phone calls from an AvosLocker representative.  The caller encourages the victim to go to the onion site to negotiate and threatens to post stolen data online.  In some cases, AvosLocker actors will threaten and execute distributed denial-of-service (DDoS) attacks during negotiations.

Infosecurity reports: "AvosLocker Ransomware Striking Critical Infrastructure Targets"