AvosLocker is the latest ransomware gang that has added support for encrypting Linux systems to its recent malware variants, specifically targeting VMware ESXi virtual machines. Once launched on a Linux system, AvosLocker will terminate all ESXi machines on the server. Once it starts operating on a compromised system, the ransomware will append the .avoslinux
extension to all encrypted files. It also drops ransom notes asking the victims not to shut down their computers to avoid file corruption and to visit an onion site for more details on how to pay the ransom.
AvosLocker Windows Version
AvosLocker ESXi Linux Ransomware Signatures
AvosLocker ESXi Linux Ransomware Download