Akira Ransomware is targeting Cisco AnyConnect to steal your credentials

Readers help support Windows Report. When you make a purchase using links on our site, we may earn an affiliate commission.

Tooltip Icon

Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more

Cybercriminals are using Akira ransomware to target the vulnerabilities of Cisco AnyConnect. Furthermore, with it, they are getting access to your network. Also, with Akira ransomware, they can gather your data and install malware or execute other potentially malicious activities.

What is Akira ransomware?

Akira ransomware is a new threat that leaks stolen data encrypts files on your system. In addition, threat actors can use it to steal your username and passwords. Also, this type of malware tries to prevent you from recovering files by deleting their copies from your system. On top of that, it spreads fast across your network.

Moreover, cybercriminals could request ransom to remove the Akira ransomware from your system. However, nobody guarantees that they won’t come back. After all, they might be targeting your sensitive data to sell it to another company.

The research by Truesec shows that one of the main entry points for Akira ransomware is, in fact, the Cisco Anyconnect SSL VPN. The malware exploits it by using the CVE-2020-3259 vulnerability. Unfortunately, if you used the VPN in the past, even if you updated it constantly, there might already be some security problems regarding your data.

If you think that your data might be at risk, the best thing to do is to change your passwords. In addition, you could get an anti malware application featuring a ransomware detector to get rid of Akira. Furthermore, you could start moving to another email using a new device. However, that’s a bit of a last resort method.

In a nutshell, if you’ve been using Cisco Anyconnect VPN, use anti-malware on your device to protect your data. Afterward, change your password. Also, know that the Akira ransomware doesn’t affect just the Cisco VPN. It could target multiple VPN applications. Thus, you might want to always use a different password for your accounts and a different account for your VPN services.

What do you think? Are you going to change your VPN? Let us know in the comments.

More Reading

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *