The AvosLocker Ransomware Attack on Bluefield University

The AvosLocker ransomware gang has claimed responsibility for an attack that has crippled internet and other services at Bluefield University. The attackers also appear to be in control of the university's “RamAlert” emergency notification system, blasting messages to the impacted students and staff that imply they have exfiltrated sensitive data.

Messages state the attackers have “hacked the university network to exfiltrate 1.2 terabytes of files,” and that they “will continue attacking if BU’s president does not pay,” but did not say how much they are demanding for ransom.

FBI Issues Alert on AvosLocker

The FBI issued an alert about AvosLocker activity back in March 2022 indicating that the group has “targeted victims across multiple critical infrastructure sectors in the U.S. Including...The financial services, critical manufacturing, and government facilities sectors.”

Bluefield University's Response

“As you know, on Sunday, April 30, 2023, Bluefield University discovered a cybersecurity attack that impacted our systems. Upon learning of this issue, we immediately engaged independent third-party cybersecurity experts to assist in our review and remediation efforts, but it may be a few days before full functionality can be restored,” a statement from BU school officials said.

“We are working through the investigation to determine the nature and extent of the incident. However, as of now, we have no evidence indicating any information involved has been used for financial fraud or identity theft.”

Student Reactions

We talked to two students over the phone who wanted to remain anonymous. While they expressed concerns about their personal information being leaked, they were also optimistic about the university’s response.