Keypoints:
- An Indonesian software programmer, Yohanes Nugroho, developed a method to brute-force the encryption of the Linux-based Akira ransomware variant. This offers a potential solution for Indonesian organizations and individuals who may fall victim to this global threat.
- The Akira ransomware, active since early 2023, has rapidly evolved to target both Windows and Linux (VMware ESXi) systems, amassing over $42 million in ransom payments globally.
- Nugroho’s decryptor leverages the power of Nvidia GPUs to test a vast number of potential decryption keys based on the ransomware’s use of nanosecond-resolution timestamps.
- The decryption process is computationally intensive, requiring significant GPU power and time, but cloud-based solutions can accelerate the process.
- While this breakthrough offers hope, the Akira ransomware developers are likely to adapt their methods, necessitating ongoing vigilance and proactive security measures.
What the Indonesian Government and Related Institutions Should Do:
- The National Cyber and Crypto Agency (BSSN) should analyze and disseminate information about the decryptor developed by Nugroho to relevant Indonesian organizations and cybersecurity professionals.
- BSSN should collaborate with cybersecurity firms and researchers to further refine the decryptor and explore potential vulnerabilities in other ransomware variants that may target Indonesian entities.
What Indonesian Citizens Should Know and Do:
- Be aware that while decryption tools can emerge, relying on them is not a primary security strategy. Focus on robust data backups and preventative measures against ransomware attacks.
- Understand that ransomware attacks can target various operating systems, including Linux-based server environments commonly used by businesses.
Read more..
https://www.hendryadrian.com/new-akira-ransomware-decryptor-leans-on-nvidia-gpu-power/