skip to Main Content
100% Focussed on Microsoft CloudAzure | D365 | M365 | Power Platform

New Ransomware Named AvosLocker Uses Multiple Tricks In Attacks

2 MINUTE READ

There’s a new strain of ransomware to be concerned about in the form of AvosLocker.

This is from security firm Sophos who warns that the new strain of human-operated ransomware is one to watch.

AvosLocker burst onto the scene over the summer of this year (2021). Having enjoyed some success with their product the gang behind the code is now on the hunt for partners in a bid to fill the gap left by REvil’s departure.

One of the key features of the malware’s design is the fact that it leverages the AnyDesk remote IT admin tool while running it in Windows Safe mode. We’ve seen malware that leverages Windows Safe Mode. Safe Mode loads with a minimal set of drivers and it is less well-protected but it isn’t exactly a common tactic.

AnyDesk is of course a perfectly legitimate tool used by thousands of professionals all over the world every day.  Here however it is being put to nefarious use and by combining it with running in Safe Mode and it allows the hackers to deal serious damage to their targets.

Peter Mackenzie is the Director of Incident Response at Sophos. Mackenzie says the group behind this new strain relies on simple but very clever tactics and methodologies to get the job done. So far, they’ve been amazingly successful.

The company had this to say about the new strain:

“Ransomware, especially when it has been hand-delivered (as has been the case in these Avos Locker instances), is a tricky problem to solve because one needs to deal not only with the ransomware itself, but with any mechanisms the threat actors have set up as a back door into the targeted network. No alert should be treated as “low priority” in these circumstances, no matter how benign it might seem.”

Wise words indeed.  Stay alert out there.

Our Cybersecurity experts can help you protect your business-critical data from sophisticated threats such as Ransomware. Click here to speak to an expert

Passionate about Digital Transformation, Cloud & MarTech

For over 20 years, Mohammed has been working at the intersection of business, technology & marketing to help businesses transform & grow in an ever-changing world.

At Burhani, he leads a team of passionate technology professionals focussed on delivering High Performance & Exponential Growth to clients through integrated, reliable, responsive and cost-effective business technology solutions.

Follow Mohammed on Linkedin