This nasty ransomware is targeting Cisco VPNs to attack businesses

Sead Fadilpašić

23 August 2023 at 9:17 am·2-min read

Operators of Akira, a relatively new entrant to the ransomware scene, have been targeting businesses using Cisco’s VPN products.

By logging into compromised accounts, Akira’s members were able to breach corporate endpoints, steal sensitive data, and ultimately deploy ransomware.

This is according to research made by multiple cybersecurity firms, although what these firms can’t know for sure, is how Akira obtained the login credentials for the VPN service.

Brute-forcing their way in?

Sophos, for example first spotted Akira in May 2023, saying the group accessed target networks through "VPN access using Single Factor authentication." Another incident responder, going by the alias Aura, noted that Akira managed to compromise these accounts because they weren’t protected with multi-factor authentication (MFA).

Because Cisco ASA doesn’t have any logging features, the researchers can’t know for sure. Some speculate Akira might have brute-forced its way into these accounts, too, while others are of the opinion that the access was bought from a third party on a dark web forum. Researchers from SentinelOne, however, think a zero-day might be at play here, as well. Apparently, the researchers believe the flaw affects accounts without MFA set up.

> These are the best firewall software choices

> LockBit ransomware has cost victims millions in the US alone

> The end of Reddit? Why the blackout is still going – and what happens next

Cisco’s VPN offerings are among the most popular ones among business users, with numerous organizations using them to securely transmit data between users and networks. By some, the tools are considered a must for remote and hybrid workers.

It is also worth mentioning that cybersecurity experts from Avast published a decryptor for Akira in late June this year, which can be downloaded for free. However, Akira has since responded and updated its encryptor. Thus, the decryption will only work on older varians and businesses should not be overly confident they can salvage their sensitive data in case of an attack.

Get a security boost and consider the best endpoint protection software

Via: BleepingComputer

Malay Mail
Rafizi: Anti-Anwar rally has a right to go ahead, can even protest ‘in front of my cat’
KUALA LUMPUR, June 29 — Economy Minister Rafizi Ramli has reportedly backed the rights of an anti-Datuk Seri Anwar Ibrah...
Malay Mail
Tourism minister apologises over deputy’s ‘preferred Muslim destination’ remark for Langkawi, says Malaysia open to all tourists
KUALA LUMPUR, June 29 — Tourism, Arts and Culture Minister Datuk Seri Tiong King Sing has apologised over his deputy min...
Futurism
There's an Extremely Stupid Reason NASA Scientists Can't Study China's Amazing New Moon Rocks
Earlier this week, China's Chang'e 6 lunar probe landed in Inner Mongolia, delivering the first samples collected from the far side of the Moon. The mission has the international scientific community excited — the far side of the Moon, which permanently faces away from the Earth, remains a bit of a mystery. Only China has […]
Malay Mail
Tour bus accident in Genting Highlands: Two Chinese nationals killed, 19 rescued (VIDEO)
KUALA LUMPUR, June 29 — Two Chinese nationals were killed while 19 others were rescued after their tour bus overturned a...
Associated Press
An Indian military tank sinks while crossing a river in a region bordering China, killing 5 soldiers
Five Indian soldiers were killed when a military tank they were travelling in sank while crossing a river in the remote region of Ladakh that borders China, officials said Saturday. The tank sank early Saturday due to sudden increase in the water levels of Shyok River during a military training activity, according to an Indian army command center statement. It said the accident took place in Saser Brangsa near the Line of Actual Control that divides India and China in the Ladakh region.
The Independent
A pair of siblings were stabbed and the sister’s dying words were that the killer was a man from Detroit. Thirty-four years later, he’s been arrested.
Pamela Sumpter, was raped and stabbed, and her brother John Sumpter was stabbed to death, at their Georgia home on July 15, 1990
The Telegraph
Germany into last eight after VAR drama-filled victory over luckless Denmark
First the Biblical rain, then the judgements, and it would be fair to say that not all agreed with those made by an English team of officials in charge of the most dramatic game yet of the European championship.
CNN
A year ago, she drank battery acid to escape life under the Taliban. Today, she has a message for other Afghan girls
Arzo survived a suicide attempt but now faces a new threat that could send her family – and millions like them – back to Afghanistan and a life that has become so intolerable for women and girls that some would rather die.
CNN
The reason why NATO and Europe found Biden’s debate performance so alarming
Joe Biden’s performance at the CNN presidential debate against Donald Trump has raised concerns with US allies - particularly within NATO and Europe.
INSIDER
How the US Navy tried — and failed — to sink carrier USS America for weeks
The USS America's sinking followed decades of service — and weeks of bombardment. Sinking an aircraft carrier proved harder than the US Navy thought.
Malay Mail
As it happens: YB Viral’s anti-Anwar protest at PM’s Putrajaya official residence
PUTRAJAYA, June 29 — A group calling itself Demi Negara held a rally called “Demo Rakyat Lawan Anwar” (Malay for “People...
Simply Recipes
The Easiest Way To Cut Watermelon, According to a Food Editor
It's got me eating watermelon way more often now.
People
Why Olivia Culpo Chose a Modest Wedding Gown: ‘I Didn’t Want to Exude Sex in Any Way’
The former Miss Universe wore a custom Dolce & Gabbana gown featuring a crew neck and long sleeves for her June 29 wedding to San Francisco 49ers running back Christian McCaffrey
INSIDER
I was the first Black female pilot in the US Air Force, and captained a commercial jet for 30 years. Some people still questioned if I was qualified to fly.
Captain Theresa Claiborne has just come to the end of a legendary career as a pilot.
People
A Mother Served Her 19-Year-Old Son an Eviction Notice. Now He's Accused of Strangling Her to Death
Conner Kobold is charged with the murder of his mother, Shanelle Burns
HuffPost
15 Times Celebs Made Interviewers Upset, Uncomfortable, Or Left Them In Tears
When Ellen told Hugh Grant, "I think that you're fantastic and funny and smart and all those things," he replied, "I wish I thought that about you."
HuffPost Life
People Are Revealing The Modern 'Wedding Trends' That Will NOT Last, And I'm Afraid They're Right
"I'm actually surprised the cursive 'bridesmaid' font hasn't died off yet. I hate that font."
AFP News
Germany weather storm at Euro 2024, holders Italy knocked out
Hosts Germany beat Denmark 2-0 in a storm-interrupted encounter to reach the quarter-finals of Euro 2024 on Saturday, after reigning champions Italy were knocked out of the competition by Switzerland.Nevertheless, a commanding victory takes the hosts through to a quarter-final next Friday in Stuttgart against either much-fancied Spain or surprise package Georgia.
The Telegraph
Western incompetence is handing aerospace dominance to China
Regulators have concluded Boeing should face criminal charges over safety issues on the 737. It is being sued over a mid-air blowout. And design faults have left a pair of astronauts stranded in space.
The Telegraph
‘Trillion dollar trainwreck’: US super stealth fighter is eating the next generation
All of a sudden, the US Air Force is considering cancelling a multibillion-dollar effort to develop a new stealth fighter. Citing the high cost of the so-called “Next-Generation Air Dominance” programme and the competing demands of other projects, USAF leaders have warned they may have no choice but to cancel NGAD – and find other ways of winning control of the air in future wars.

Brute-forcing their way in?

Latest stories