The AvosLocker ransomware group had to release a free decryptor to unlock the encrypted files of one of its victims. The move came after the group found out that it had encrypted the systems of a U.S. police department.
Is it the fear of law enforcement?
A month ago, AvosLocker operators compromised devices and stole data belonging to a police department.
- A member of the AvosLocker group claimed that they do not have any policy on who they target. However, they usually avoid targeting government agencies and the healthcare sector.
- On learning that the target was a U.S. federal entity, they provided a decryptor to the compromised department.
- When a media agency asked whether fear of law enforcement was the reason, the member stated that taxpayer money is generally hard to get, and hence, they avoid targeting government entities.
- Furthermore, when asked for more information about the hack, the group declined to provide a list of stolen files or to say how they infected the department's network.
AvosLocker is pretty much active
AvosLocker has been active since July 2021 and regularly attempts to fill the gap left by ransomware groups that shut down last year by upgrading its techniques and tactics.
- Recently, they installed AnyDesk on compromised systems, set up so that it works in Safe Mode, and then disabled components of the security tools on those systems.
- Last month, the ransomware members were observed hunting for partners in the form of access brokers. Experts say they could be attempting to fill the void left by REvil.
- In the past, the ransomware group has claimed victims in the form of premium banking and manufacturing firms.
Conclusion
With frequent updates, the AvosLocker group is slowly evolving into a more sophisticated ransomware group. The fight against ransomware groups requires continuous collaboration and timely action between law enforcement agencies and the private sector.
Source: https://cyware.com/news/avoslocker-actors-seek-apology-by-releasing-free-decryptor-8621ab38