avoslocker attacks Bluefield University

Date:

May 2, 2023

World map

Overview

Title

avoslocker attacks Bluefield University

Victim

Bluefield University

Attacker

AvosLocker

Location

Bluefield, USA

Bluefield, Virginia

Size of Attack

Unknown/TBD

First Reported

May 2, 2023

Last Updated

October 31, 2022

The AvosLocker ransomware gang has claimed responsibility for an attack that has crippled internet and other services at Bluefield University. The attackers also appear to be in control of the university's “RamAlert” emergency notification system, blasting messages to the impacted students and staff that imply they have exfiltrated sensitive data.

Messages state the attackers have “hacked the university network to exfiltrate 1.2 terabytes of files,” and that they “will continue attacking if BU’s president does not pay,” but did not say how much they are demanding for ransom.

The FBI issued an alert about AvosLocker activity back in March 2022 indicating that the group has “targeted victims across multiple critical infrastructure sectors in the U.S. Including...The financial services, critical manufacturing, and government facilities sectors.”

“As you know, on Sunday, April 30, 2023, Bluefield University discovered a cybersecurity attack that impacted our systems. Upon learning of this issue, we immediately engaged independent third-party cybersecurity experts to assist in our review and remediation efforts, but it may be a few days before full functionality can be restored,” a statement from BU school officials said.  

“We are working through the investigation to determine the nature and extent of the incident. However, as of now, we have no evidence indicating any information involved has been used for financial fraud or identity theft.”

We talked to two students over the phone who wanted to remain anonymous. While they expressed concerns about their personal information being leaked, they were also optimistic about the university’s response.

The attackers also appear to be in control of the university's “RamAlert” emergency notification system, blasting messages to the impacted students and staff...

Oh no!

This attack's description was not found, while we work on the detailed account of this attack we invite you to browse through other recent Rasomware Attacks in the table below.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.

LockBit attacks Teupe Group
Date
March 13, 2024
Ransomware group
LockBit
Location

Stadtlohn, Germany

, Germany

Industry
Manufacturing
Victim
Teupe Group
LockBit attacks Teupe Group
Date
March 13, 2024
Ransomware group
LockBit
Location

Stadtlohn, Germany

, Germany

Industry
Manufacturing
Victim
Teupe Group
Akira attacks Summit Almonds
Date
March 13, 2024
Ransomware group
Akira
Location

Granite Bay, USA

California, USA

Industry
Agriculture
Victim
Summit Almonds
Akira attacks Summit Almonds
Date
March 13, 2024
Ransomware group
Akira
Location

Granite Bay, USA

California, USA

Industry
Agriculture
Victim
Summit Almonds
8Base attacks Brewer Davidson
Date
March 13, 2024
Ransomware group
8Base
Location

Auckland, New Zealand

, New Zealand

Industry
Professional, Scientific & Technical Services
Victim
Brewer Davidson
8Base attacks Brewer Davidson
Date
March 13, 2024
Ransomware group
8Base
Location

Auckland, New Zealand

, New Zealand

Industry
Professional, Scientific & Technical Services
Victim
Brewer Davidson
BlackByte attacks Encina Wastewater Authority
Date
March 13, 2024
Ransomware group
BlackByte
Location

Carlsbad, USA

California, USA

Industry
Other
Victim
Encina Wastewater Authority
BlackByte attacks Encina Wastewater Authority
Date
March 13, 2024
Ransomware group
BlackByte
Location

Carlsbad, USA

California, USA

Industry
Other
Victim
Encina Wastewater Authority
Medusa attacks Kenneth Young Center
Date
March 12, 2024
Ransomware group
Medusa
Location

Grove Village, USA

Illinois, USA

Industry
Healthcare
Victim
Kenneth Young Center
Medusa attacks Kenneth Young Center
Date
March 12, 2024
Ransomware group
Medusa
Location

Grove Village, USA

Illinois, USA

Industry
Healthcare
Victim
Kenneth Young Center
LockBit attacks LEC London
Date
March 11, 2024
Ransomware group
LockBit
Location

London, United Kingdom

Greater London, United Kingdom

Industry
Healthcare
Victim
LEC London
LockBit attacks LEC London
Date
March 11, 2024
Ransomware group
LockBit
Location

London, United Kingdom

Greater London, United Kingdom

Industry
Healthcare
Victim
LEC London
LockBit attacks the Government Pensions Administration Agency (GPAA)
Date
March 11, 2024
Ransomware group
LockBit
Location

Pretoria, South Africa

Gauteng, South Africa

Industry
State & Local Government
Victim
The Government Pensions Administration Agency (GPAA)
LockBit attacks the Government Pensions Administration Agency (GPAA)
Date
March 11, 2024
Ransomware group
LockBit
Location

Pretoria, South Africa

Gauteng, South Africa

Industry
State & Local Government
Victim
The Government Pensions Administration Agency (GPAA)
Cactus attacks Plymouth Tube Company
Date
March 11, 2024
Ransomware group
Cactus
Location

Warrenville, USA

Illinois, USA

Industry
Mining
Victim
Plymouth Tube Co
Cactus attacks Plymouth Tube Company
Date
March 11, 2024
Ransomware group
Cactus
Location

Warrenville, USA

Illinois, USA

Industry
Mining
Victim
Plymouth Tube Co
Play attacks Bridger Insurance
Date
March 11, 2024
Ransomware group
Play
Location

Pleasanton, USA

California, USA

Industry
Finance & Insurance
Victim
Bridger Insurance
Play attacks Bridger Insurance
Date
March 11, 2024
Ransomware group
Play
Location

Pleasanton, USA

California, USA

Industry
Finance & Insurance
Victim
Bridger Insurance
RansomHub attacks Scadea Solutions
Date
March 11, 2024
Ransomware group
RansomHub
Location

Princeton, USA

New Jersey, USA

Industry
Information & Technology
Victim
Scadea Solutions
RansomHub attacks Scadea Solutions
Date
March 11, 2024
Ransomware group
RansomHub
Location

Princeton, USA

New Jersey, USA

Industry
Information & Technology
Victim
Scadea Solutions