30 December 2021

AvosLocker ransomware group provides decryptor for free after learning they hit U.S. police department


AvosLocker ransomware group provides decryptor for free after learning they hit U.S. police department

Operators behind the AvosLocker ransomware provided a free decryptor after it became clear that they hit a U.S. government entity, according to a security researcher who goes by the moniker pancak3.

Last month, AvosLocker encrypted systems of an unnamed police department and stole some data, but when they realized that they hit a government agency they provided the decryptor for free. However, the attackers refused to provide a list of stolen files or explain how they managed to breach the police department.

A member of AvosLocker told BleepingComputer that the gang does not have policy on who they target, but usually tries to steer clear of government agencies and hospitals, although “sometimes an affiliate will lock a network without having us review it first.”

When asked if they purposely avoid targeting government agencies out of fear of law enforcement, they said it's more because "tax payer money's generally hard to get," according to BleepingComputer.

AvosLocker is a relatively new ransomware-as-a service that first appeared in late June 2021. Like most RaaS, AvosLocker has started promoting its RaaS program via various forums on the dark web in its search for affiliates. The AvosLocker ransomware is mainly delivered through spam email campaigns and online advertisements. After a successful compromise, AvosLocker appends encrypted files with the extension .avos and offers technical assistance to victims, providing support to recover the compromised systems.

Back to the list

Latest Posts

The story of the four bears: Brief analysis of APT groups linked to the Russian government

The story of the four bears: Brief analysis of APT groups linked to the Russian government

In “The Four Bears” series we will tell you about the APT groups known as Fancy Bear, Cozy Bear, Voodoo Bear, and Berserk Bear.
17 January 2022
Cybersecurity year in review: Most notable APT hacks of 2021

Cybersecurity year in review: Most notable APT hacks of 2021

In 2021 nation-state actors somewhat faded into the background, but they still pose a significant threat.
17 January 2022
Hackers put up for sale data of 2M ONUS customers after the company refused to pay $5 million ransom

Hackers put up for sale data of 2M ONUS customers after the company refused to pay $5 million ransom

The attackers exploited the Log4Shell vulnerability on ONUS’ Cyclos server to plant backdoor and exfiltrate data.
30 December 2021