Akira, the ransomware that stole $42 million from over 250 organizations across North America, Europe, and Australia within a year, is now actively targeting businesses in Singapore.

Singaporean authorities issued a joint advisory alerting local businesses about the rising threat of an Akira ransomware variant.

Source: Cyber Security Agency of Singapore

The alert comes after agencies, including the Cyber Security Agency of Singapore (CSA), the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC), recently received several complaints from victims of the cyberattack.

Primary targets of Akira ransomware

Prior investigations conducted by the United States Federal Bureau of Investigation (FBI) found that Akira ransomware has been targeting businesses and critical infrastructure entities.

Akira’s ransomware message to victims after successful hijacking. Source: Singapore Police

The Singaporean authorities explained ways to detect, deter and neutralize Akira attacks. Businesses that have been compromised are advised to refrain from paying ransom to the attackers.

Refrain from paying ransom

Akira members demand payments in cryptocurrencies, such as Bitcoin (BTC), to return control of their computer systems and internal data. However, Singapore authorities have asked businesses not to make payments.

“If your organization’s systems have been compromised with ransomware, we do not recommend paying the ransom and advise you to report the incident immediately to the authorities. Paying the ransom does not guarantee that the data will be decrypted or that threat actors will not publish your data.”

Additionally, malicious entities may attempt another attack in hopes of more ransom. FBI found that Akira never contacts the victims and expects them to reach out.

Cybersecurity best practices against ransomware attacks. Source: cisa.gov

Some recommended threat mitigation techniques are implementing a recovery plan and multifactor authentication (MFA), filtering network traffic, disabling unused ports and hyperlinks and system-wide encryption.

Related: Ransomware returns: Chainalysis flags record $1B payments in 2023

Cybersecurity firm Kaspersky recently found that North Korean hackers were targeting South Korean crypto businesses using Durian malware.

Source: Kaspersky

“Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads, and exfiltration of files,” explained Kaspersky.

Additionally, Kaspersky noted that LazyLoad was also used by Andariel, a sub-group within fellow North Korean hacking consortium Lazarus Group — suggesting a “tenuous” connection between Kimsuky and the more notorious hacking group.

Magazine: Longevity expert: AI will help us become ‘biologically immortal’ from 2030

Read More: World News | Entertainment News | Celeb News
Cointelegraph

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Super Group SPAC Facing Shareholder Lawsuit

Posted on: May 22, 2023, 05:17h.  Last updated on: May 22, 2023,…

MakerDAO co-founder proposes fork of Solana codebase for native chain

MakerDAO co-founder Rune Christensen has submitted a proposal to build the decentralized…

Singapore to introduce uniform screening standards for crypto bank accounts

Singapore regulators work together with traditional banks to develop uniform standards for…

DEA gets duped: Agency loses $55K in address poisoning scam

The United States Drug Enforcement Administration (DEA) — the agency tasked with…