Akira’s operators are known to abuse VPN services, especially when users have not set multi-factor authentication, according to CERT-In.
The perpetrators behind Akira encrypt the data on their victims’ PCs after first stealing sensitive personal information from them. (Pixabay)
Akira is a new internet ransomware virus that is raising serious concerns, according to the Indian Computer Emergency Response Team (CERT-In). Both Windows and Linux-based systems are intended targets for this dangerous programme.
according to a report by PTI. The perpetrators behind Akira encrypt the data on their victims’ PCs after first stealing sensitive personal information from them. They use double extortion strategies to pressure the victims into paying the ransom.
The attackers would post the stolen data on their dark web site if the victim declines to pay the ransom, according to the most recent advice from CERT-In. The agency emphasises that users who have not set multi-factor authentication are particularly vulnerable to Akira’s operators’ usage of VPN services. The ransomware organisation has been identified to employ programmes like AnyDesk, WinRAR, and PCHunter during their incursions, frequently going unnoticed by victims.
Ransomware Akira
The virus’s technical specifications show that before encrypting files, ‘Akira’ deletes Windows Shadow Volume Copies on the targeted device. A “.akira” extension is added to the end of the name of each encrypted file during this encryption process. To avoid interfering with the encryption process, the ransomware also kills running Windows services using the Windows Restart Manager API. Except for ProgramData, Recycle Bin, Boot, System Volume Information, and Windows directories, all files in different hard drive folders are encrypted.
The Akira ransomware outbreak serves as a clear reminder of the evolving threat landscape in cybersecurity, according to Amit Jaju, Senior Managing Director, Ankura Consulting Group (India). Ransomware assaults like this are a type of digital hostage-taking that go beyond data theft.
where sensitive data is being held for ransom, affecting governments and even corporations.
The Double Extortion approach is applicable here, Jaju adds in an explanation of the hackers’ method. Akira employs a double extortion strategy that is becoming more popular among online crooks. In addition to being encrypted and inaccessible to the victims, the material is also threatened with being made publicly available on the dark web in the event that the ransom is not paid. Additional harm, such as harm to one’s reputation and possibly regulatory penalties for data breaches, may result from this.
How you can help
Internet users are advised by CERT-In to adhere to fundamental online safety and hygiene practises to protect themselves from such assaults. To prevent data loss in the event of an infection, it is strongly advised to maintain offline backups of vital data. Regular operating system and application updates are also essential, and virtual patching can be used to shield legacy systems and networks from hackers who take advantage of flaws in out-of-date software.
MFA and strong passwords
The advise also emphasised the value of multi-factor authentication (MFA) and strong password standards for enhancing security. In order to defend against cyber and ransomware attacks, users should refrain from installing updates or patches from unauthorised sources and take other essential actions. Adopting these practises proactively can help people and organisations stay resilient against the Ransomware threat from Akira.
