Threat actors never cease to find innovative ways to extort their victims. If only threat actors would use their creativity for good causes.

This week, Bluefield University communicated with its students to be careful of texts sent through the University’s communication system after a ransomware group used the communication system to message the campus about a ransomware attack in progress.

According to reports, the ransomware group used the University’s communication system to “send threatening messages out to all of Bluefield University’s students and employees.” The message stated “We’re the Avoslocker ransomware. We hacked the university network to exfiltrate 1.2 TB of files. We have admissions data from thousands of students. Your personal information is at risk to be leaked on the dark web blog. Do not allow the university to lie about the severity of the attack.”

The students received a one-day reprieve from exams because of the ransomware attack.

The FBI identifies AvosLocker as a ransomware-as-a-service group that targets critical infrastructure, including financial services, critical manufacturing and government facilities.

[View source.]