AvosLocker is a new ransomware-as-a-service, first appeared in June 2021.
A global leader in cybersecurity, Sophos has discoverednew ransomware named AvosLocker.
In this attack, hackers areusing Windows Safe Mode and AnyDeskremote administration tool.
Windows Safe Mode is a very common method to operate a PC without using a password.
In Safe Mode, we cant access everything, but hackers found out that they can access AnyDesk.
With AnyDesk, hackers got continuous remote access to computers.
Sophos revealed thatAvosLocker attackers have installed AnyDesk, so it works in Safe Mode.
They have disabled the security services that run in Safe Mode and then ran the ransomware in Safe Mode.
Sophos has never seen some of these components used with ransomware, and certainly not together.
AvosLocker was first founded in June 2021, it is a new ransomware service.
Peter Mackenzie said, The techniques used by AvosLocker are simple but very clever.
Then it disables the components of security software solutions that run in Safe Mode.
drop in the legal AnyDesk tool and set it to run in Safe Mode while connected to the internet.
