FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure

The AvosLocker ransomware gang is responsible for multiple attacks on critical US infrastructure as of May 2023. The group uses legitimate software to gain access to systems, then extracts data, ransoming it to the organisations. AvosLocker uses legitimate tools and employs stealthy tactics to hinder investigation efforts. Regular offline backups and restrictions on the use of certain applications are recommended as mitigations. In 2023, more than half of ransomware attacks occurred within a single day of initial system access, a surge from previous years.