Singapore police warned businesses against bitcoin ransomware in case of a compromise and asked them to report the incident to authorities immediately.
Akira, the ransomware that inflicted $42 million in losses on more than 250 organizations in North America, Europe, and Australia within a year, is currently focusing on businesses in Singapore.
A joint advisory was issued by Singaporean authorities to warn local businesses of the increasing threat posed by an Akira ransomware variant.
After receiving numerous complaints from victims of the cyberattack, the Cyber Security Agency of Singapore (CSA), the Singapore Police Force (SPF), and the Personal Data Protection Commission (PDPC) have issued an alert.
According to prior investigations by the United States Federal Bureau of Investigation (FBI), Akira ransomware has been targeting enterprises and critical infrastructure entities.
Singaporean authorities provided strategies for detecting, preventing, and neutralizing Akira attacks. It is recommended that businesses that have been compromised refrain from paying the assailants’ ransom.
To regain control of their internal data and computer systems, Akira members request payments in cryptocurrencies, such as Bitcoin. Nevertheless, Singaporean authorities have asked businesses to refrain from processing payments.
“If your organization’s systems have been compromised with ransomware, we do not recommend paying the ransom and advise you to report the incident immediately to the authorities. Paying the ransom does not guarantee that the data will be decrypted or that threat actors will not publish your data.”
Furthermore, malicious entities may attempt to launch an additional attack to secure additional ransom. The FBI discovered that Akira does not communicate with the victims and anticipates that they will contact her.
The recommended threat mitigation strategies are implementing a recovery plan and multifactor authentication (MFA), restricting network traffic, turning off unused ports and hyperlinks, and implementing system-wide encryption.
Kaspersky, a cybersecurity firm, recently discovered that North Korean hackers employed Durian malware to target South Korean crypto businesses.
“Durian has a comprehensive backdoor functionality that allows for the execution of commands, the downloading of additional files, and the exfiltration of files,” Kaspersky explained.
Furthermore, Kaspersky observed that Andariel, a sub-group within the Lazarus Group, also employed LazyLoad. This North Korean hacking consortium implies a “tenuous” connection between Kimsuky and the more notorious hacking group.
A Texas congressman says the state's gold-backed digital currency could boost crypto adoption and inspire investors to explore Bitcoin. According…
Ether price is breaking out above $3,700 despite significant selling pressure, driven by an emerging bull flag, analysts report. Some…
Donald Trump is considering Kevin Warsh for Treasury Secretary and to succeed Jerome Powell as Fed Chair when his term…
Upbit refunded 8.5 billion won to 380 voice phishing victims, as authorities expose North Korea's involvement in previous hacks. Upbit,…
Rick Wurster, set to become CEO next year, stated he has no plans to buy crypto but aims to support…
Nine individuals were charged with laundering U.S. drug proceeds into cryptocurrency for Mexican and Colombian cartels from 2020 to 2023.…