U.S. critical infrastructure organizations across several industries — including government, financial services, and critical manufacturing — are being targeted by the AvosLocker ransomware-as-a-service operation, SecurityWeek
The FBI and the Treasury Department have issued a joint advisory warning that threat actors have already leveraged AvosLocker to attack organizations in the U.S., Canada, Germany, Spain, United Arab Emirates, Syria, Saudi Arabia, Belgium, Turkey, Taiwan, and the U.K.
The advisory did not only include indicators of compromise for AvosLocker attacks but also contained information regarding their tools and exploited security vulnerabilities. The FBI and the Treasury Department also offered mitigation approaches and other resources that could be used against AvosLocker attacks.
"AvosLocker claims to directly handle ransom negotiations, as well as the publishing and hosting of exfiltrated victim data after their affiliates infect targets. As a result, AvosLocker indicators of compromise (IOCs) vary between indicators specific to AvosLocker malware and indicators specific to the individual affiliate responsible for the intrusion," said the advisory.