[ad_1]
Akira, the ransomware that stole $42 million from over 250 organizations across North America, Europe, and Australia within a year, is now actively targeting businesses in Singapore.
Singaporean authorities issued a joint advisory alerting local businesses about the rising threat of an Akira ransomware variant.
The alert comes after agencies, including the Cyber Security Agency of Singapore (CSA), the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC), recently received several complaints from victims of the cyberattack.
Primary targets of Akira ransomware
Prior investigations conducted by the United States Federal Bureau of Investigation (FBI) found that Akira ransomware has been targeting businesses and critical infrastructure entities.
The Singaporean authorities explained ways to detect, deter and neutralize Akira attacks. Businesses that have been compromised are advised to refrain from paying ransom to the attackers.
Refrain from paying ransom
Akira members demand payments in cryptocurrencies, such as Bitcoin (BTC), to return control of their computer systems and internal data. However, Singapore authorities have asked businesses not to make payments.
“If your organization’s systems have been compromised with ransomware, we do not recommend paying the ransom and advise you to report the incident immediately to the authorities. Paying the ransom does not guarantee that the data will be decrypted or that threat actors will not publish your data.”
Additionally, malicious entities may attempt another attack in hopes of more ransom. FBI found that Akira never contacts the victims and expects them to reach out.
Some recommended threat mitigation techniques are implementing a recovery plan and multifactor authentication (MFA), filtering network traffic, disabling unused ports and hyperlinks and system-wide encryption.
Related: Ransomware returns: Chainalysis flags record $1B payments in 2023
Cybersecurity firm Kaspersky recently found that North Korean hackers were targeting South Korean crypto businesses using Durian malware.
“Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads, and exfiltration of files,” explained Kaspersky.
Additionally, Kaspersky noted that LazyLoad was also used by Andariel, a sub-group within fellow North Korean hacking consortium Lazarus Group — suggesting a “tenuous” connection between Kimsuky and the more notorious hacking group.
Magazine: Longevity expert: AI will help us become ‘biologically immortal’ from 2030
[ad_2]
This article was originally published by a cointelegraph.com . Read the Original article here. .
Disclaimer:The information provided on this website does not constitute investment advice, financial advice, trading advice, or any other sort of advice and you should not treat any of the website’s content as such. BitcoinNews.best does not recommend that any cryptocurrency should be bought, sold, or held by you. Do conduct your own due diligence and consult your financial advisor before making any investment decisions.