[ad_1]
The Indian Computer Emergency Response Team (CERT-In) has issued a warning about a new internet ransomware virus called ‘Akira,’ which is causing significant concern. This malicious software is designed to target both Windows and Linux-based systems.
According to a PTI report. the attackers behind Akira first steal vital personal information from their victims and then proceed to encrypt the data on their systems. To coerce the victims into paying the ransom, they engage in double extortion tactics.
According to CERT-In’s latest advisory, if the victim refuses to pay the ransom, the attackers will publish the stolen data on their dark web blog. The agency emphasizes that Akira’s operators are known to exploit VPN services, particularly when users have not enabled multi-factor authentication. In their intrusions, the ransomware group has been found to use tools like AnyDesk, WinRAR, and PCHunter, often going unnoticed by victims.
Akira Ransomware
The technical details of the virus reveal that ‘Akira’ erases Windows Shadow Volume Copies on the targeted device before encrypting files. During this encryption process, each encrypted file’s name is appended with a ‘.akira’ extension. Additionally, the ransomware terminates active Windows services using the Windows Restart Manager API to prevent interference with the encryption process. Files in various hard drive folders, except ProgramData, Recycle Bin, Boot, System Volume Information, and Windows folders, are encrypted.
What you can do
CERT-In advises internet users to follow basic online hygiene and protection protocols to safeguard themselves from such attacks. Maintaining offline backups of critical data is highly recommended to avoid data loss in case of infection. Regularly updating operating systems and applications is also crucial, and virtual patching can be employed to protect legacy systems and networks from cybercriminals exploiting vulnerabilities in outdated software.
Strong Passwords and MFA
Furthermore, the advisory emphasized on the importance of strong password policies and multi-factor authentication (MFA) to enhance security. Users should avoid applying updates or patches from unofficial channels and take other necessary measures to counter cyber and ransomware attacks. Being proactive in adopting these practices can help individuals and organizations stay resilient against the Akira ransomware threat.
[ad_2]
Source link