The notorious Akira ransomware, responsible for stealing $42 million from over 250 organizations across North America, Europe, and Australia, is now targeting businesses in Singapore. Local authorities, including the Cyber Security Agency of Singapore, the Singapore Police Force, and the Personal Data Protection Commission, have issued a joint advisory to warn businesses of this rising threat. Several victims have already reported attacks to these agencies.

According to the FBI, Akira mainly targets businesses and critical infrastructure. Singaporean authorities have provided guidance on detecting, deterring, and neutralizing Akira attacks. Compromised businesses are strongly advised against paying ransoms: payment does not guarantee that data will be recovered or kept from publication, and it could lead to further attacks.

Recommended security measures include implementing a recovery plan, using multi-factor authentication, filtering network traffic, disabling unused ports and hyperlinks, and employing system-wide encryption.

North Korean Hackers Target South Korean Crypto Businesses

Kaspersky recently discovered that North Korean hackers are using Durian malware to attack South Korean cryptocurrency businesses. Durian malware has comprehensive backdoor functionality, enabling command execution, file downloads, and data exfiltration.

OKX and Loopring Security Breaches

OKX Hack

Hackers are targeting the cryptocurrency exchange OKX, with reports of users losing funds after receiving SMS risk notifications from Hong Kong. An unknown entity created new API keys with withdrawal and trading permissions, allowing them to drain coins from the platform. OKX has reached out to affected users and is investigating the incidents. The exchange has promised to bear the losses if found responsible.

Loopring Breach

The zkEVM protocol Loopring, known for its secure smart wallet application, suffered a security breach related to its ‘Guardian’ two-factor authentication service. A hacker bypassed the Guardian service to initiate unauthorized wallet recoveries. The breach affected wallets with single guardians, draining about $5 million worth of tokens. Loopring has suspended Guardian-related operations and is working with security experts and law enforcement to investigate the compromise.

Gemholic Project Conducts $3.5M Rug Pull

The Gemholic project, operating on the zkSync network, has executed a $3.5 million rug pull. Investors were deceived for a year with false promises of refunds. Once the funds were unlocked following a network upgrade, the project team withdrew 921 Ether and disappeared, deleting their X account and Telegram messages. Although the project had completed KYC verification with SolidProof, the verification service has not publicly addressed the situation.

Orbit Chain Hacker Moves $47.7M

The hacker behind the $82 million Orbit Chain hack moved $47.7 million to Tornado Cash after five months of inactivity. Blockchain analytics firm Arkham Intelligence reported that 12,932 Ether were transferred across seven transactions to a new address before being sent to Tornado Cash. The hacker’s remaining balance includes $51.1 million in ETH and small amounts of other cryptocurrencies. Orbit Chain is working with international law enforcement and has offered an $8 million bounty for information leading to the attacker’s identification or asset recovery.