AvosLocker Ransomware completes attack in just 5 seconds using Windows Safe Mode and AnyDesk Admin Tool



AvosLocker ransomware, one of the newest threats to PCs and laptops, is expected to carry out further attacks around Christmas and New Year's.


Although this ransomware is considered a newcomer, experts claimed that it could pose serious security risks to its victims.

This new ransomware, first discovered by Sophos, combines the remote management tool AnyDesk with Windows Safe Mode to bypass the security protection of PCs and laptops.

“Sophos found that the AvosLocker attackers installed AnyDesk to work in safe mode, tried to disable the components of security solutions that run in safe mode, and then ran the ransomware in safe mode,” said Peter Mackenzie, Director of Incident Response at Sophos.

Severity of AvosLocker Ransomware

According to the latest report from Global Newswire, the new PC ransomware uses Safe Mode and AnyDesk to give hackers full remote access to their victims’ devices.


Mackenzie added via ZDNet that AvosLocker also reuses methods used by other ransomware gangs. Right now, the malicious actors behind this new human-operated ransomware are trying to outdo REvil, one of the most notorious international cybercriminal groups.

Security experts also believe they are looking for online attack partners, such as access brokers who sell access to hacked devices. At the moment, no massive breach has been associated with AvosLocker.

AvosLocker completes attack in just 5 seconds?

Sophos explained that the hackers behind the new ransomware send a sequence of commands that launches the ransomware. After that, the victim’s laptop or PC restarts in Safe Mode.

The command sequence is estimated to take only five seconds. If so, users would have no idea that their devices are being attacked.


This article is owned by TechTimes

Written by: Griffin Davis

Ⓒ 2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.


