Singapore alerts businesses to Bitcoin ransomware risk
Akira, the ransomware that stole $42 million from over 250 organizations across North America, Europe, and Australia within a year, is now actively targeting businesses in Singapore.
Singaporean authorities issued a joint advisory alerting local businesses about the rising threat of an Akira ransomware variant.
Source: Cyber Security Agency of SingaporeThe alert comes after agencies, including the Cyber Security Agency of Singapore (CSA), the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC), recently received several complaints from victims of the cyberattack.
Primary targets of Akira ransomware
Prior investigations conducted by the United States Federal Bureau of Investigation (FBI) found that Akira ransomware has been targeting businesses and critical infrastructure entities.
Akira’s ransomware message to victims after successful hijacking. Source: Singapore PoliceThe Singaporean authorities explained ways to detect, deter and neutralize Akira attacks. Businesses that have been compromised are advised to refrain from paying ransom to the attackers.
Refrain from paying ransom
Akira members demand payments in cryptocurrencies, such as Bitcoin ( BTC ), to return control of their computer systems and internal data. However, Singapore authorities have asked businesses not to make payments.
“If your organization’s systems have been compromised with ransomware, we do not recommend paying the ransom and advise you to report the incident immediately to the authorities. Paying the ransom does not guarantee that the data will be decrypted or that threat actors will not publish your data.”
Additionally, malicious entities may attempt another attack in hopes of more ransom. FBI found that Akira never contacts the victims and expects them to reach out.
Cybersecurity best practices against ransomware attacks. Source: cisa.govSome recommended threat mitigation techniques are implementing a recovery plan and multifactor authentication (MFA), filtering network traffic, disabling unused ports and hyperlinks and system-wide encryption.
Related: Ransomware returns: Chainalysis flags record $1B payments in 2023
Cybersecurity firm Kaspersky recently found that North Korean hackers were targeting South Korean crypto businesses using Durian malware.
Source: Kaspersky“Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads, and exfiltration of files,” explained Kaspersky.
Additionally, Kaspersky noted that LazyLoad was also used by Andariel, a sub-group within fellow North Korean hacking consortium Lazarus Group — suggesting a “tenuous” connection between Kimsuky and the more notorious hacking group.
Magazine: Longevity expert: AI will help us become ‘biologically immortal’ from 2030
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Hamster Kombat Faces Boycott Threat as Community Rally Over ‘Unfair’ Airdrop Allocation Plan, Real Users Enraged
Kamala Harris Highlights Crypto and AI at $27 Million New York Fundraiser
Bitgert, Solana, Ethereum: Which Crypto Holds the Most Potential for Explosive Growth?
Solana Mobile’s Seeker Web3 Phone Set for 2025 Release, Offering Exclusive Crypto Rewards