Singapore warns businesses of Bitcoin ransomware threat

Singapore warns businesses of Bitcoin ransomware threat


Akira, which stole $42 million from more than 250 organizations in North America, Europe and Australia, is now actively targeting businesses in Singapore.

Singaporean authorities have issued a joint advisory warning local businesses about the growing threat of Akira ransomware variants.

Source: Singapore Cyber ​​Security Agency

The alert comes after agencies including the Cyber ​​Security Agency of Singapore (CSA), the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC) recently received several complaints from victims of the cyber attack.

The main targets of Akira ransomware

Previous investigations by the United States Federal Bureau of Investigation (FBI) have revealed that Akira ransomware has been targeting businesses and critical infrastructure.

9eb67afe 15b7 495c b780 0ae319d53918
Akira ransomware message to victims after successful hack. Source: Singapore Police

Singapore authorities have explained ways to detect, prevent and eliminate Akira attacks. Affected businesses are advised to avoid paying ransom to the attackers.

Avoid paying ransom

Akira members demand payments in cryptocurrencies such as Bitcoin (BTC) to regain control of their computers and internal data. However, Singaporean authorities have asked businesses not to make payments.

“If your organization's systems are compromised with ransomware, we do not recommend paying the ransom and we recommend that you report the incident to the authorities immediately. Paying the ransom does not guarantee that the data will be decrypted or that malicious actors will not publish your data.

Additionally, malicious entities may attempt another attack in hopes of obtaining additional ransom. The FBI confirmed that Akira would never contact victims and wait for them to reach out.

37981a76 796d 4d72 9b19 250c87cecf50
Cyber ​​Security Best Practices Against Ransomware Attacks. Source: cisa.gov

Some recommended threat mitigation techniques are implementing a recovery plan and multi-factor authentication (MFA), filtering network traffic, disabling unused ports and hyperlinks, and system-wide encryption.

Related: Ransomware Returns: Chainalysis Flags Record $1B Payments by 2023

Cybersecurity company Kaspersky recently confirmed that North Korean hackers are targeting South Korean crypto businesses using Durian malware.

803f1063 f135 46fa 9300 ae8a35df75cd
Source: Kaspersky

“Durian boasts comprehensive background functionality that enables the execution of sent commands, additional file downloads and file scanning,” Kaspersky explains.

Additionally, Kaspersky said LazyLoad was used by Andariel, a sub-group within the same North Korean hacking syndicate Lazarus Group – suggesting a “troublesome” relationship between Kimsuki and the well-known hacking group.

Magazine: Longevity Expert: AI Will Help Us Become ‘Biologically Immortal' By 2030

Leave a Reply

Pin It on Pinterest