A dangerous internet ransomware virus called 'Akira' has emerged, raising concerns among cybersecurity experts and prompting the government to issue a warning.

       This malicious software targets Windows and Linux-based systems encrypts vital personal data, and extorts money from its victims.

       But what exactly is Akira and how does it infect software? Moreover, what steps can be taken to safeguard devices from such cyber threats.

       What is Akira ransomware?

       Ransomware is a type of malware that holds users' data hostage, denying access until a ransom is paid to the attackers.

       Also Read

       H3N2 influenza: Symptoms, spread, prevention, what do experts say?

       India suffering high cybersecurity skill gap, 40k open positions: Report

       High fever, long-lasting cough: Delhi under the grip of H3N2 virus

       Hackers release sensitive information after ransomware attack on CommScope

       Kaspersky has big plans for India, will be investing in people & tech: MD

       India to launch 7 Singapore satellites from Isro's spaceport on July 30

       Electronics export in India grew 56% in Q1, emerge as 4th largest item

       Boosting productivity: Work-life balance with artificial intelligence

       No child's play: How AI is helping medicine in assisted fertility

       Threads alert to Elon Musk stays but the downloads are falling steeply

       Akira is a specific type of ransomware designed to encrypt data on infected computers and manipulate filenames by appending the ".akira" extension. According to PCRisk, upon execution, Akira also deletes ‘Windows Shadow Volume Copies’ on the targeted device. This malware operates through a double extortion technique, much like others of its kind, stealing information from victims and then threatening to release it on the dark web if the ransom is not paid.

       This tactic puts immense pressure on victims to pay the ransom to protect their information and reputation.

       How does Akira infect software?

       Akira ransomware can enter computers through various means such as malicious email attachments or links, pirated software websites, peer-to-peer (P2P) networks, free file hosting sites, and third-party downloaders.

       Cybercriminals may also use fake software updates and Trojans to deliver the malware to unsuspecting users. Once a user unwittingly downloads and executes the malicious file, Akira encrypts files found in various hard drive folders.

       It appears to exclude certain system folders such as those ending with: in .exe, .dll, .msi, .lnk, and .sys, as well as those located in the Windows, System Volume Information, Recycle Bin, and Program Data folders.

       Once the files are encrypted the malware spreads laterally to other devices. The malware tries to gain Windows domain admin credentials, which allows it to deploy the ransomware throughout the network.

       Also Read: 91% of Indian organisations experienced ransomware attacks in 2023

       Akira's strategy

       Akira has already attacked asset management companies London Capital Group and the Development Bank of Southern Africa as well as many companies across industries, including finance, education, manufacturing, etc.

       The gang will reportedly release data onto dark websites and then demand ransoms from $200,000 to millions of dollars, according to a report by Bleeping Computers.

       The report also added that while there was another ransomware by the name of Akira back in 2017, the two are not related.

       Also Read: Ransomware criminals dump kids' private files online after school hacks

       How to protect yourself from ransomware infections

       Prevention is key to safeguarding against ransomware and any other forms of cyber attacks. Here are some steps that can be taken to protect oneself from Akira and other ransomware threats:

       Be cautious with email attachments and links: Avoid opening suspicious or unexpected email attachments or clicking on links from unknown senders. Verify the legitimacy of the sender before accessing any email content. Download from reputable sources: Only download files and programs from verified stores and official websites. Refrain from clicking on ads on untrustworthy pages. Keep software updated: Regularly update operating systems and installed programs to fix vulnerabilities that cybercriminals may exploit. Use strong passwords and multi-factor Authentication (MFA): Enforce strong password policies and enable MFA wherever possible to add an extra layer of security. Backup critical data: Maintain offline backups of critical data and ensure they are up-to-date. This will prevent data loss in the event of a ransomware infection. Report incidents to authorities: If you become a victim of ransomware, report the incident to the appropriate authorities. Providing information to law enforcement agencies can aid in tracking cybercrime and prosecuting attackers. Also Read: India suffering high cybersecurity skill gap, 40k open positions: Report

       In India, the Indian computer emergency response team (CERT-In), Department of Electronics and Information Technology, Ministry of Communications and Information Technology handles ransomware cases. The agency is the central technology arm to combat cyber attacks and guards cyberspace against phishing and hacking assaults and similar online attacks.