Ransomware Avos Locker

Avos Locker ransomware comes as a response to the “retirement” of larger groups that were prominent with successful attacks around the world such as REvil Sodinokibi and Darkside. But it is not alone, Blackmatter ransomware is also in contention for that space.

The Avos Locker ransomware emerged in late June 2021, the group has adopted the RaaS (Ransomware as a service) tactic which is the outsourcing of attacks. You can find advertisements from the group looking for affiliates on the dark web forums. This tactic has become increasingly popular with ransomware groups.

Another tactic used by the groups is double extortion; on the one hand they exert pressure by locking down the company’s servers and on the other by threatening to leak the company’s files on the dark web forums.

But the Avos Locker group has taken this blackmail to another level. The leaking of the files is like a “loss” for the group since they have gained nothing from it. The group now, instead of leaking the data, they are auctioning off the stolen files so that they can receive a certain amount of money for their services.

It was not the Avos Locker group that started this tactic, they were inspired by REvil Sodinokibi.

This tactic came about because the data that was leaked was downloaded by anonymous people and sold in internet groups. When they realized this, the group added this tactic to their plans.

The Avos Locker ransomware targets its attacks on Windows operating systems. The group attacked Pacific City Bank, an American bank, which had its files leaked.

The group maintains a “wall of shame” to expose companies that have had their files encrypted. Along with the name of the company, there is also a timer with a countdown to the payment of the ransom, and if the ransom is not paid, the files will be auctioned off.

This type of leak can be highly damaging to companies, trade secrets can be sold, customer data, which can have serious consequences under the law.

In short, the company can be harmed for numerous reasons, which puts pressure on them to pay.

But, there is still a way out for these companies to recover files without the need for the group’s decryption key, the encrypted data recovery, done by Digital Recovery.

Recover Files Encrypted by Avos Locker Ransomware

With over 20 years of experience, Digital Recovery has perfected its data recovery services to the point where we have developed technologies capable of recovering files encrypted by ransomware.

We can recover Virtual Machines, RAID Systems, Storages, Databases, File Servers, and more. There is no challenge too big that we cannot overcome.

Few companies have the ability to recover Avos Locker ransomware.

Mind that all our processes are in accordance with the EU GDPR and we have the support of a law firm specialized in data and internet. We can also sign a non-disclosure agreement (NDA).

Count on Digital Recovery to recover your encrypted files, restoring your company’s full operation.

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

AtomSilo Ransomware

Ransomware AtomSilo

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.