110個組織遭勒索軟體Akira鎖定,利用思科SSL VPN漏洞入侵,加密Windows、Linux電腦檔案
· 2023-09-26

資安業者Logpoint提出警告,在駭客鎖定思科SSL VPN漏洞CVE-2023-20269入侵目前組織後,勒索軟體Akira攻擊態勢持續延燒,上個月成為前10大的勒索軟體家族

研究人員指出,一旦駭客得到內部網路的存取權限,就會使用遠端桌面連線工具AnyDesk、RustDesk,以及壓縮軟體WinRAR來進行後續攻擊行動,並且利用系統資訊工具PC Hunter及wmiexec橫向移動。

此外,為了讓檔案加密工作能順利執行,駭客會停用Windows內建的防毒軟體即時監控功能,並使用PowerShell下達刪除磁碟區陰影複製服務(VSS)的備份檔案。此外,這些駭客也開發了Linux版的加密程式,可用來加密VMware ESXi虛擬機器的檔案,進行綁架勒贖。

勒索軟體駭客採取寄生攻擊(LOLBins)手法,利用企業組織內現成的應用程式,執行攻擊行動,來迴避資安系統偵測的情況可說是非常普遍,其中,有許多駭客組織,如:LockBit、BlackByte,以及專門針對SQL Server的勒索軟體FreeWorld,濫用遠端桌面連線工具AnyDesk來存取受害主機,Akira也不例外。

但值得留意的是,這些駭客還運用另一款開源、跨平臺的遠端桌面連線工具RustDesk,而有可能架設自己的基礎設施架構,或是利用其內建的點對點(P2P)連線功能,讓攻擊行動變得更為隱密。

Popular articles
Kazakhstan plans to penalise online casino promotions
Regulation
B2B Tech Infrastructure Gains Momentum in Philippine Gaming Sector
Southeast Asia
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
That’s a Wrap: AffPapa Conference Madrid 2026 Highlights
Online Game
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
British gambling levy rates confirmed for each vertical
Regulation
GAT Expo Puerto Rico Will Pulse with the New Era of Gaming in the Caribbean
Marketing
GAT Expo CDMX 2026 Kicks Off Today in Mexico with a Sold-Out Opening Reception at Big Bola Casino Santa Fe
Marketing
JILI Partners with Cricket Legend AB de Villiers (ABD) to Launch Exclusive Branded Game Series 100% 11
Sports Game
PropellerAds Shared a New iGaming Case Study: 97,674 Installs and 12,701 Deposits in 3 Months
Marketing
Indiana online casino bill stalls in House committee
Regulation
Super PAC Raises $48 Million: Sports Betting Forces Ramp Up Political Push
Regulation
Vietnam's tightening online gaming policy creates new market opportunities
Southeast Asia
Manila delivers: Highlights from SiGMA Asia 2026 
Southeast Asia
Home
Game
Cooperation
Find
My