Akira ransomware overview

Akira is a relatively new ransomware variant with Windows and Linux versions that came out in April 2023. Like many attackers, the gang behind this variant only uses the ransomware to encrypt files after first breaking into a network and stealing data. This group also employs a double extortion tactic, demanding a ransom from victims in exchange for file decryption and not leaking stolen information to the public.

According to an advisory issued by CERT India, Akira typically targets organizations running a VPN (virtual private network) service without multi-factor authentication configured. Purchasing network access from the initial access brokers is another possibility.

Read more…
Source: Fortinet