Singapore warns companies of potential Bitcoin ransomware threat

The Singaporean police force urged companies to disclose such compromises to the proper authorities without delay and warned them against paying ransom to any malicious actors.

Akira was responsible for stealing $42 million from 250 firms in the US, EU, and AU in only one year. Now it is aiming its malicious software at Singaporean companies.

The Akira ransomware variant is becoming more dangerous, and Singaporean officials have issued a joint advisory to warn local firms about it.

Institutions such as the Cyber Security Agency of Singapore, the Singapore Police Force, and the Personal Data Protection Commission recently issued the notice after receiving many reports from victims of the hack.

The Akira ransomware has been known to target organizations and key infrastructure institutions, according to previous FBI investigations.

The government of Singapore provided information on how to identify, prevent, and counteract Akira attacks. Companies that have fallen victim should not pay the hackers any kind of ransom.

Members of Akira demand payment in Bitcoin and other cryptocurrencies before victims can regain control of their computers and data. Nevertheless, Singaporean officials have requested that companies refrain from making payments:

“We strongly advise against paying the ransom and instead urge you to notify the authorities right away if your organization’s systems have been infiltrated by ransomware. There is no assurance that threat actors will decrypt or not disclose your data, even if you pay the ransom.”

Also, bad actors can try to hold you to ransom again by launching another attack. According to the FBI’s investigation, Akira always waits for the victims to initiate contact.

Network traffic filtering, blocking unused ports and hyperlinks, system-wide encryption, and developing a recovery plan are some of the suggested threat mitigation strategies.

Recently, Kaspersky discovered that North Korean hackers were using the Durian malware to attack cryptocurrency firms in South Korea.

“Durian has complete backdoor capability, allowing the execution of given instructions, extra file downloads, and the exfiltration of data,” revealed Kaspersky.

Andariel, a subgroup of the North Korean hacking consortium Lazarus, also utilized LazyLoad, according to Kaspersky. This points to a “tenuous” relationship between Kimsuky and the more infamous hacking outfit.
