Akira Ransomware Extorts $42M, Hits 250+ Entities Globally: Agencies Warn

April 22, 2024
  • The Akira ransomware has compromised over 250 organizations globally and amassed over $42 million in ransoms since early 2023.

  • Government bodies including CISA, the FBI, Europol, and the Dutch National Cyber Security Centre are tracking Akira's activities.

  • Akira has targeted multiple industries and has developed a Linux encryptor specifically for attacking VMware ESXi servers.

  • The threat actors engage in double extortion, stealing data before encrypting it, and append a .powerranges extension to encrypted files.

  • A Rust-based evolution of the malware's code has been identified, signaling technical advancement and added complexity.

  • Akira's operators exploit vulnerabilities, notably in Cisco products, to infiltrate and escalate access in victim networks.

  • In a single attack, the operators deploy two different ransomware variants for different system architectures and use tactics to disable security software.

  • The advisory from the agencies includes indicators of compromise and highlights a sophisticated hybrid encryption method used by the attackers.


