The Akira ransomware has compromised over 250 organizations globally and amassed over $42 million in ransoms since early 2023.

Government bodies including CISA, the FBI, Europol, and the Dutch National Cyber Security Centre are tracking Akira's activities.

Akira has targeted multiple industries and has specifically developed tools to breach VMware ESXi servers using a Linux encryptor.

The threat actors engage in double extortion by stealing data prior to encrypting it, attaching a .powerranges extension to encrypted files.

A Rust-based code evolution of the malware has been identified, signifying technical advancement and complexity.

Akira's operators exploit vulnerabilities, notably in Cisco products, to infiltrate and escalate access in victim networks.

Two different ransomware variants are deployed for varied system architectures in a single attack, with tactics to disable security software.

The advisory from the agencies includes indicators of compromise and highlights a sophisticated hybrid encryption method used by the attackers.