Beware Of ‘Royal Ransomware’ Virus Attacking Critical Sectors In India: CERT-In

NEW DELHI: The Indian Computer Emergency Response Team (CERT-In) has warned individuals and organizations in India about the Royal Ransomware virus.

This malicious software targets critical infrastructure sectors, including manufacturing, communications, healthcare, and education, and even individuals, encrypting their files and demanding payment in Bitcoin to avoid leaking personal data to the public domain.

According to the CERT-In advisory, the Royal Ransomware virus spreads through phishing emails, malicious downloads, abuse of RDP (Remote Desktop Protocol), and other forms of social engineering. The virus was first detected in January 2022 and became active sometime around September last year, with US authorities already having issued advisories against its spread.

The advisory also revealed that the threat actors use various tactics to deceive victims into installing remote access software as part of callback phishing. Once the virus infects the system, it encrypts the files and deletes shadow copies to prevent recovery.

The Royal Ransomware virus does not share information such as the ransom amount or any instructions, as it connects with the victim directly via a .onion URL (reached through a dark web browser). The malware also exfiltrates a large amount of data before encryption and disables anti-virus protocols after gaining access to the domain controller.

To safeguard against this and similar ransomware attacks, CERT-In has recommended a set of counter-measures and internet hygiene protocols. These measures include maintaining offline backups of data and regularly maintaining backup and restoration, enabling protected files in the Windows operating system, disabling remote desktop connections, employing least-privileged accounts, and limiting the users who can log in using remote desktop.
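
The remote desktop items in this list can be checked host by host. The PowerShell below is an added example, not code from CERT-In or from this article; the function name `Get-RdpExposure` and the set of principals it treats as too broad are assumptions of the example, and it assumes the default Windows assignment of the remote desktop logon right.

```powershell
# Added example (not from the advisory): read-only audit of local RDP exposure.
# Run in an elevated Windows PowerShell 5.1+ session on the host being checked.
function Get-RdpExposure {
    $tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $polKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

    # fDenyTSConnections: 1 = incoming Remote Desktop refused, 0 = allowed.
    # A value under the policy key (set by Group Policy) overrides the local one.
    $local  = (Get-ItemProperty $tsKey  -Name fDenyTSConnections -ErrorAction SilentlyContinue).fDenyTSConnections
    $policy = (Get-ItemProperty $polKey -Name fDenyTSConnections -ErrorAction SilentlyContinue).fDenyTSConnections
    $deny   = if ($null -ne $policy) { $policy } else { $local }
    $rdpEnabled = ($deny -eq 0)

    # Assumption: the logon right is at its Windows default, i.e. granted to the
    # built-in Administrators and Remote Desktop Users groups. The groups are
    # addressed by well-known SID so the check also works on localized systems.
    $groups = @{ 'S-1-5-32-544' = 'Administrators'; 'S-1-5-32-555' = 'Remote Desktop Users' }
    $members = foreach ($sid in $groups.Keys) {
        Get-LocalGroupMember -SID $sid -ErrorAction SilentlyContinue | ForEach-Object {
            [pscustomobject]@{
                Group = $groups[$sid]
                Name  = $_.Name
                Sid   = $_.SID.Value
                Class = $_.ObjectClass
            }
        }
    }

    # Principals too broad for least privilege (choice made for this example):
    # Everyone, Authenticated Users, BUILTIN\Users, and any domain's Domain Users.
    $broad = $members | Where-Object {
        ($_.Sid -in 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545') -or ($_.Sid -like 'S-1-5-21-*-513')
    }

    $findings = @()
    if ($rdpEnabled) { $findings += 'RDP is enabled: disable it if this host does not need it.' }
    if ($broad)      { $findings += "Broad principals can log in over RDP: $(@($broad.Name) -join ', ')" }

    [pscustomobject]@{
        Computer      = $env:COMPUTERNAME
        RdpEnabled    = $rdpEnabled
        AllowedLogons = @($members)
        Findings      = $findings
    }
}

Get-RdpExposure | Format-List
```

An empty `Findings` list means remote desktop is off (or no value was found) and neither group contains a broad principal; `AllowedLogons` still lists every account to review by hand.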

Other best practices include keeping updated anti-virus software on computer systems, not clicking on links in unsolicited emails, and encrypting all backup data, making it immutable (i.e., unable to be altered or deleted) and ensuring it covers the entire organization’s data infrastructure.

Individuals and organizations should be vigilant and take necessary precautions to safeguard themselves against this lethal virus. Following the recommended protocols will help prevent data loss and reduce the risk of financial and reputational damage.
