FBI and CISA Release Update on AvosLocker Advisory

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) recently issued a joint Cybersecurity Advisory titled #StopRansomware: AvosLocker Ransomware (Update), aimed at sharing identified indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and detection methods linked to the AvosLocker ransomware variant. This advisory builds upon a previous release from March 17, 2022, titled Indicators of Compromise Associated with AvosLocker ransomware, which was a collaborative effort by the FBI, CISA, and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN). The new update provides additional IOCs and TTPs not covered in the earlier advisory, along with a YARA rule developed following an analysis of a tool linked to a compromised AvosLocker incident. Both the FBI and CISA urge critical infrastructure organizations to follow the guidelines outlined in the joint Cybersecurity Advisory to mitigate the risks associated with AvosLocker ransomware and similar ransomware threats. Further details can be found on CISA’s #StopRansomware webpage.

The FBI and CISA have issued a recent report on the AvosLocker ransomware, which highlights key indicators of compromise, tactics, techniques, and procedures, as well as detection approaches. This update offers fresh insights and suggestions for critical infrastructure entities to mitigate the risks associated with AvosLocker ransomware and similar ransomware attacks.