Avos Locker Ransomware

Avos Locker ransomware comes as a response to the “retirement” of larger groups that were prominent with successful attacks around the world such as REvil Sodinokibi and Darkside. But it is not alone, Blackmatter ransomware is also in contention for that space.

The Avos Locker ransomware emerged in late June 2021, the group has adopted the RaaS (Ransomware as a service) tactic which is the outsourcing of attacks. You can find advertisements from the group looking for affiliates on the dark web forums. This tactic has become increasingly popular with ransomware groups.

Another tactic used by the groups is double extortion; on the one hand they exert pressure by locking down the company’s servers and on the other by threatening to leak the company’s files on the dark web forums.

But the Avos Locker group has taken this blackmail to another level. The leaking of the files is like a “loss” for the group since they have gained nothing from it. The group now, instead of leaking the data, they are auctioning off the stolen files so that they can receive a certain amount of money for their services.

It was not the Avos Locker group that started this tactic, they were inspired by REvil Sodinokibi.

This tactic came about because the data that was leaked was downloaded by anonymous people and sold in internet groups. When they realized this, the group added this tactic to their plans.

The Avos Locker ransomware targets its attacks on Windows operating systems. The group attacked Pacific City Bank, an American bank, which had its files leaked.

The group maintains a “wall of shame” to expose companies that have had their files encrypted. Along with the name of the company, there is also a timer with a countdown to the payment of the ransom, and if the ransom is not paid, the files will be auctioned off.

This type of leak can be highly damaging to companies, trade secrets can be sold, customer data, which can have serious consequences under the law.

In short, the company can be harmed for numerous reasons, which puts pressure on them to pay.

But, there is still a way out for these companies to recover files without the need for the group’s decryption key, the encrypted data recovery, done by Digital Recovery.

Recover Files Encrypted by Avos Locker Ransomware

With over 20 years of experience, Digital Recovery has perfected its data recovery services to the point where we have developed technologies capable of recovering files encrypted by ransomware.

We can recover Virtual Machines, RAID Systems, Storages, Databases, File Servers, and more. There is no challenge too big that we cannot overcome.

Few companies have the ability to recover Avos Locker ransomware.

Remember that all our processes are in accordance with LGPD (General Law of Data Protection) we have the backing of the law to support all our solutions. And we also provide the confidentiality agreement (NDA).

Count on Digital Recovery to recover your encrypted files, restoring your company’s full operation.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionised digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery