CERT-In Cautions Against ‘Akira’ Ransomware Attack


CERT-In Issues Urgent Warning Against ‘Akira’ Ransomware Attack: Protect Your Systems Now!

In a world where the internet plays a pivotal role in our lives, the need for robust cybersecurity measures has never been more critical. Recently, the country’s federal cyber security agency, Indian Computer Emergency Response Team (CERT-In), issued a grave warning about a menacing ransomware named ‘Akira.’ This insidious cyber threat is on the prowl, targeting Windows and Linux-based systems, and causing havoc in cyberspace.

As the ‘Akira’ ransomware gains traction, it becomes paramount for internet users to be vigilant and take preemptive steps to safeguard themselves from this perilous attack.

In this blog post, we delve into the details of the ‘Akira’ ransomware, explore its modus operandi, and provide essential guidelines to fortify your defences against such cyber threats.

The Emergence of ‘Akira’ Ransomware

Indian Computer Emergency Response Team (CERT-In)’s latest advisory has raised red flags concerning the emergence of the ‘Akira’ ransomware, which poses a significant threat to internet users.

This ransomware operates with sinister intent, first pilfering sensitive information from victims and then encrypting their data, making it inaccessible. The attackers then resort to double extortion tactics, forcing victims to pay a hefty ransom to regain control of their valuable data.

The Dark Web Threat

In a truly alarming twist, if victims refuse to comply with the ransom demands, the ‘Akira’ ransomware group brazenly threatens to release their confidential data on the dark web. This malicious tactic adds immense pressure on victims to yield to the attackers’ demands.

To infiltrate their targets’ environments, cybercriminals exploit VPN services where multi-factor authentication is not enabled, making unauthorized access easier. The group also utilizes seemingly innocuous tools like AnyDesk, WinRAR, and PCHunter during intrusions, skillfully evading detection.

Technical Intrusion and Encryption Process

The ‘Akira’ ransomware employs sophisticated technical maneuvers to maximize its impact. It deletes Windows Shadow Volume Copies on the targeted device, which makes data recovery an arduous task for the victims.

During the encryption process, the ransomware appends a ‘.akira’ extension to each encrypted file’s name, and recovering those files is challenging without the decryption key. To ensure a smooth encryption process, the ransomware employs the Windows Restart Manager API to terminate active Windows services.
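For defenders, the behaviours described above (shadow copy deletion, the ‘.akira’ extension, and the tools named in the previous section) can be combined into a triage pass over endpoint telemetry. The following Python is an added example, not taken from the CERT-In advisory; the event schema, the command-line patterns, the tool file-name prefixes and the burst threshold are assumptions, and the sample events are constructed.

```python
import re
from collections import defaultdict

# Command lines that delete shadow copies. Common Windows methods, assumed
# for this example; the article does not say which one the group uses.
SHADOW_DELETE = re.compile(
    r"vssadmin(\.exe)?\s+delete\s+shadows"
    r"|wmic(\.exe)?\s+shadowcopy\s+delete"
    r"|win32_shadowcopy.*remove-wmiobject",
    re.IGNORECASE,
)
# Tools named in the article. They are legitimate software, so a hit is
# context for an analyst, not proof. File-name prefixes are assumed.
DUAL_USE = ("anydesk", "winrar", "pchunter")
AKIRA_BURST = 3  # assumed threshold of '.akira' files created per host

# Constructed sample events (not real telemetry); the schema is hypothetical.
SAMPLE = [
    {"host": "ws-01", "type": "process", "image": r"C:\Windows\System32\svchost.exe", "cmd": "svchost.exe -k netsvcs"},
    {"host": "fs-02", "type": "process", "image": r"C:\Users\Public\AnyDesk.exe", "cmd": "AnyDesk.exe"},
    {"host": "fs-02", "type": "process", "image": r"C:\Windows\System32\vssadmin.exe", "cmd": "vssadmin.exe delete shadows /all /quiet"},
    {"host": "fs-02", "type": "file_create", "path": r"D:\share\q1.xlsx.akira"},
    {"host": "fs-02", "type": "file_create", "path": r"D:\share\q2.xlsx.akira"},
    {"host": "fs-02", "type": "file_create", "path": r"D:\share\plan.docx.akira"},
    {"host": "ws-03", "type": "file_create", "path": r"C:\Users\a\Downloads\sample.akira"},
]


def triage(events):
    """Return {host: sorted findings} for hosts that need investigation."""
    findings = defaultdict(set)
    akira_files = defaultdict(int)
    for ev in events:
        host = ev["host"]
        if ev["type"] == "process":
            image = ev["image"].replace("\\", "/").rsplit("/", 1)[-1].lower()
            if SHADOW_DELETE.search(ev["cmd"]):
                findings[host].add("shadow-copy-deletion")
            for tool in DUAL_USE:
                if image.startswith(tool):
                    findings[host].add("dual-use-tool:" + tool)
        elif ev["type"] == "file_create" and ev["path"].lower().endswith(".akira"):
            akira_files[host] += 1
    # A single '.akira' file is weak evidence; a burst on one host is not.
    for host, count in akira_files.items():
        if count >= AKIRA_BURST:
            findings[host].add("akira-extension-burst")
    return {host: sorted(found) for host, found in findings.items()}
```

A host that shows all three findings together, as `fs-02` does in the sample, should be isolated and investigated first.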

Protective Measures Against ‘Akira’ Ransomware

To safeguard your digital assets and privacy against the looming threat of ‘Akira’ ransomware and similar cyber attacks, Indian Computer Emergency Response Team (CERT-In) recommends the following best practices:

Backup, Backup, Backup

Regularly create offline backups of critical data to mitigate data loss in case of a ransomware infection.

Keep Systems Updated

Ensure that both operating systems and applications are consistently updated, using virtual patching to protect legacy systems and networks from vulnerabilities.

Fortify Authentication

Strengthen password policies and implement multi-factor authentication (MFA) to add an extra layer of security to user accounts.

Avoid Untrusted Sources

Refrain from downloading updates or patches from unofficial channels, as these may contain hidden malware.


The warning issued by Indian Computer Emergency Response Team (CERT-In) serves as a stark reminder that cyber threats like ‘Akira’ ransomware are ever-present and require our constant vigilance.

By staying informed and following the recommended cybersecurity measures, we can protect ourselves and our digital spaces from malicious attacks.

Emphasizing the importance of cybersecurity awareness, let us work together to build a safer and more secure online ecosystem. Stay informed, stay proactive, and let’s outsmart the cyber adversaries.


Source: The Hindu