Cyber Alert: The country’s Federal Cyber Security Agency has issued the latest advisory for Internet users and warned them that in the cyber world, the Internet virus Akira is stealing personal information and encrypting data. The virus is doing this so that it can collect ransom from the people, so all the users have been asked to be alert. Giving information, he told that, recently a ransomware has been detected which has been named ‘Akira’ and it has been reported to be active in the cyber world. Through this virus, cyber attackers steal the victim’s data and encrypt the data present in their computer and force the victims to pay a double ransom in exchange for returning the data.
Targeting Windows and Linux based systems
The Indian Computer Emergency Response Team (CERT-In) said in the latest advisory issued to internet users, in case of non-payment by the victim, they release their data to dark web blogs. If you do not know, then let us tell you that CERT-In is the Central Technology Unit which combats cyber attacks and protects the cyber world from online attacks like espionage and hacking. Giving information, CERT-In said that this is the latest malware that steals personal data of people and encrypts their data to recover huge ransom money from them. It has been said in the issued advisory that this new malware is targeting Windows and Linux based systems.
how dangerous can akira be
If you do not know, then let us tell you that ransomware is a type of computer malware that blocks users from using their own data and systems. Later, it demands ransom from the users to give back their access. In a recently issued advisory, the Indian Computer Emergency Response Team told internet users that a recently surfaced ransomware operation called Akira is reportedly active in cyberspace.
how does akira work
According to the issued advisory, this group steals the personal details of the victims in the initial stages. After stealing the data, it encrypts it in its system. By encrypting the data, he forces the victims to steal the ransom money. If the victim agrees to pay the ransom amount, then fine and if he refuses to do so, then the hackers release the victim’s data on their dark web blog. As we have already told you that CERT-In is the Central Technology Branch to deal with Cyber Attacks, which keeps the cyber space secure against fixing and hacking attacks as well as other such online attacks.
What was said in the advisory?
It was told in the issued advisory that this ransomware group has also used tools like AnyDesk, WinRAR and PCHunter during infiltration. All these tools are often installed in the computers of the victims and their misuse goes unnoticed. Describing the technical intrusion of Akira, it was said that Akira deletes copies of Windows shadow volumes on the target device. After which the ransomware encrypts the files with a pre defined set of extensions and during this encryption process an Akira extension is appended to the name of each encrypted file. In the encryption phase, the ransomware terminates active Windows services by using the Windows Restart Manager API. The ransomware encrypts files found in different hard drive folders, except the Program Data, Recycle Bin, Boot, System Volume Information, and Windows folders. Once this happens, the user has no control over his system.
how to stay safe
Issuing an advisory for Internet users, CERT-In has advised to use basic security protocols to stay safe from such virus attacks in the online space. It was further told in the advisory that, keep updating the operating system and applications regularly and virtual patching can also be considered to protect the old system and network. He told that by doing this, cyber attacks can be stopped.