The Akira ransomware gang has developed a new method of attack by exploiting unsecured webcams, which allowed them to bypass Endpoint Detection and Response (EDR) systems in place. Researchers from S-RM highlighted that although initial ransomware deployment was blocked by EDR, the attackers leveraged remote access tools, particularly AnyDesk, to gain persistence and exfiltrate data. After moving to a server via Remote Desktop Protocol (RDP), the gang attempted to deploy their ransomware, initially as a password-protected zip file, but the protection measures remained effective against this tactic.
Cybersecurity researchers at S-RM uncovered that the Akira ransomware gang used an unsecured webcam to launch encryption attacks, successfully bypassing Endpoint Detection and Response systems.
Initially blocked by EDR, the Akira ransomware exploited an unsecured webcam and advanced through remote access tools and RDP design paths to deploy ransomware.
Collection
[
|
...
]