(844) 627-8267 | Info@NationalCyberSecurity
(844) 627-8267 | Info@NationalCyberSecurity

Akira Virus: Govt Issues Alert For Windows And Linux Users Against Ransomware That Steals Data, Delete Files; Details | #ransomware | #cybercrime

JE Technology Desk: Indian Computer Emergency Response Team (CERT-In) has cautioned users in the country about ransomware dubbed as Akira, which is active in the cyber world. The government’s arm that aims to enhance cyber security in India said the threat targets Windows and Linux-based systems. 

The bad actor steals the data of the victims and encrypts it to extort money from the affected device’s owner. If a user does not pay the asked amount, the group uploads the data on a dark web blog. It accesses the system through VPN services, generally when two-factor authentication is not enabled. The hackers use tools including AnyDesk, WinRAR and PCHunter during the process installed in the victim’s machine. This activity mostly goes unnoticed.

Also Read: Daam Malware Alert! Here’s How You Can Be Safe Against The Android Botnet And Other Threats

Akira Ransomware: Working Mechanism

The attack takes place after the execution of an Akira sample on a computer. It deletes the shadow backup files of the device and then encrypts data. Encrypted files are appended with a “.akira” extension. Later, it closes Windows services from the Restart Manager API in the software to avoid interruptions during encryption.

Akira Attack: Which Files Are Affected?

According to the advisory, it can encrypt files across folders, excluding – Recycle Bin, Boot, ProgramData, System Volume Information and Windows folders. To hide without letting users notice the infection, it does not modify system files and extensions such as .exe, .msi, .sys, .dll and .ink.

Also Read: Clean Malware From Android And Windows Devices With These Govt-Approved Free Tools

Akira Virus: How To Be Safe?

Ransomware threats generally take away data from a computer. Here are a few measures you can adopt to stay safe from them.

Keep an offline backup of data and update it in a timely manner

The system must be updated to the latest security build via an official channel

Use strong passwords and enhanced security features such as two-factor authentication

Stay cautious while accessing data from external USB drives

Besides these, a user can install an antivirus on a computer to detect these infections. Recently, CERT-In also issued an advisory against Daam malware. Here’s how you can stay safe from this threat.

Source link

National Cyber Security