AvosLocker is the latest ransomware gang that has added support for encrypting Linux systems to its recent malware variants, specifically targeting VMware ESXi virtual machines. Once launched on a Linux system, AvosLocker will terminate all ESXi machines on the server. Once it starts operating on a compromised system, the ransomware will append the
.avoslinux extension to all encrypted files. It also drops ransom notes asking the victims not to shut down their computers to avoid file corruption and to visit an onion site for more details on how to pay the ransom.
AvosLocker Windows Version
AvosLocker ESXi Linux Ransomware Signatures
Family: Ransom:Linux/AvosLocker.A!MTB
MD5: e09183041930f37a38d0a776a63aa673
SHA256: 7c935dcd672c4854495f41008120288e8e1c144089f1f06a23bd0a0f52a544b1
AvosLocker ESXi Linux Ransomware Download
