Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia. In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting VMware ESXi virtual machines.
As of January 1, 2024, the ransomware group has impacted over 250 organizations and claimed approximately $42 million USD in ransomware proceeds. Early versions of the Akira ransomware variant were written in C++ and encrypted files with a .akira extension; however, beginning in August 2023, some Akira attacks began deploying Megazord, using Rust-based code which encrypts files with a .powerranges extension.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- Ransomware gangs now have industrial targets in their sights
February 2, 2021
Ransomware attacks are a potential danger for any organisation, with ransomware variants including Conti, Egregor, Maze and many others still successfully compromising victims across all industries – but there are some industries that criminal gangs are targeting more than others. The ransomware attacks are successful because many organisations can’t afford for their network to be out ...
- Minnesota: Netgain ransomware incident impacts local governments
February 2, 2021
The ransomware incident that Netgain, a provider of managed IT services, had late last year rippled onto its customers. Now, Ramsey County, Minnesota, is informing clients of the Family Health Division program that the hackers may have accessed personal data. The government of Ramsey County learned about the potential breach on December 2, 2020, when Netagin ...
- UK Research and Innovation (UKRI) suffers ransomware attack
January 30, 2021
The UK Research and Innovation (UKRI) is dealing with a ransomware incident that encrypted data and impacted two of its services, one offering information to subscribers and the platform for peer review of various parts of the agency. UKRI is a public body of the Government of the United Kingdom, tasked with investing in science and ...
- Another ransomware now uses DDoS attacks to force victims to pay
January 24, 2021
Another ransomware gang is now using DDoS attacks to force a victim to contact them and negotiate a ransom. In October 2020, we reported that ransomware gangs were beginning to utilize DDoS attacks against a victims’ network or web site as an extra tool to force them to pay a ransom. At the time, the two ...
- Ransomware attacks now to blame for half of healthcare data breaches
January 15, 2021
Almost half of all data breaches in hospitals and the wider healthcare sector are as a result of ransomware attacks according to new research. Ransomware gangs are increasingly adding an extra layer of extortion to attacks by not only encrypting networks and demanding hundreds of thousands or even millions of dollars in bitcoin to restore them, ...
- Free decrypter released for victims of Darkside ransomware
January 11, 2021
Cybersecurity firm Bitdefender has released today a free tool that can help victims of the Darkside ransomware recover their encrypted files for free, without paying the ransom demand. The tool, available for download from the Bitdefender site, along with usage instructions, gives hope to companies that had important files locked and ransomed by one of today’s ...