{"id":16763,"date":"2023-03-28T10:07:53","date_gmt":"2023-03-28T17:07:53","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?p=16763"},"modified":"2023-07-11T14:39:36","modified_gmt":"2023-07-11T21:39:36","slug":"all-about-avoslocker-ransomware","status":"publish","type":"post","link":"https:\/\/10.42.32.162\/articles\/all-about-avoslocker-ransomware\/","title":{"rendered":"All About AvosLocker Ransomware"},"content":{"rendered":"\t\t
Though REvil, LockBit and Conti held the limelight for most of 2021 and 2022, one ransomware group that slipped past the prying eyes of cybersecurity experts was AvosLocker. AvosLocker took advantage of the circumstances and developed into a deadly adversary by targeting critical infrastructure<\/a> in different sectors of the US, Canada, UK and Spain in 2021. Its clever use of conventional tactics makes it a ransomware variant still worth monitoring today. Read on to find out more about the ransomware-as-a-service (RaaS) group.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t AvosLocker ransomware affects a large number of users worldwide and usually targets computers of home, corporate and large organizational users running Microsoft Windows operating systems, including Windows XP, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows Server 2003, and Windows Server 2008. It has been reported to have infected over 100,000 computers since mid-2021, making it one of the most dangerous ransomware strains currently in circulation.<\/p> Among the techniques AvosLocker has been reported to use to spread itself are email attachments, malicious links, malicious files, exploitation of known vulnerabilities in software, and even malicious advertisements on websites, all of which expand its reach tremendously.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t Securin experts identified a set of 12 vulnerabilities associated with AvosLocker. Let us take a closer look at the vulnerabilities.<\/b><\/p> \u00a0<\/p> CVSS v2 – 7.20 | CVSS v3 – 7.80 | Securin VRS – 8.66<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t 2. 
CVE-2021-44228<\/a> – Log4Shell vulnerability – 7 Ransomware \/ 10 APT – CISA KEV, Trending<\/p> CVSS v2 – 9.30 | CVSS v3 – 10.00 | Securin VRS – 9.98<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t 3. CVE-2021-45105<\/a> – Apache Log4j2 versions 2.0-alpha1 through 2.16.0 – 1 APT \/ 1 Ransomware – Trending<\/p> CVSS v2 – 4.30 | CVSS v3 – 5.90 | Securin VRS – 7.84<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t 4. CVE-2021-45046<\/a> – It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. – 1 Ransomware \/ 3 APT – Trending<\/p> CVSS v2 – 5.10 | CVSS v3 – 9.00 | Securin VRS – 8.1<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t 5. CVE-2021-44832<\/a> – Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4). 
1 Ransomware \/ 2 APT – Trending<\/p> CVSS v2 – 8.50 | CVSS v3 – 6.60 | Securin VRS – 7.44<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t 6. CVE-2021-26855<\/a> – Microsoft Exchange Server Remote Code Execution Vulnerability – 7 Ransomware \/ 15 APT – CISA KEV, Trending<\/p> CVSS v2 – 7.50 | CVSS v3 – 9.80 | Securin VRS – 9.96<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t 7. CVE-2021-31207<\/a> – Microsoft Exchange Server Security Feature Bypass Vulnerability – 13 Ransomware \/ 7 APT – CISA KEV, Trending<\/p> CVSS v2 – 6.50 | CVSS v3 – 7.20 | Securin VRS – 9.06<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t 8. 
CVE-2021-34473<\/a> – Microsoft Exchange Server Remote Code Execution Vulnerability – 12 Ransomware \/ 8 APT – CISA KEV, Trending<\/p> CVSS v2 – 10 | CVSS v3 – 9.8 | Securin VRS – 9.96<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\tIn This Article<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
AvosLocker Vulnerabilities<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t