Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia. In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting VMware ESXi virtual machines.
As of January 1, 2024, the ransomware group has impacted over 250 organizations and claimed approximately $42 million USD in ransomware proceeds. Early versions of the Akira ransomware variant were written in C++ and encrypted files with a .akira extension; however, beginning in August 2023, some Akira attacks began deploying Megazord, using Rust-based code which encrypts files with a .powerranges extension.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- Foxconn electronics giant hit by ransomware, $34 million ransom
December 9, 2020
Foxconn electronics giant suffered a ransomware attack at a Mexican facility over the Thanksgiving weekend, where attackers stole unencrypted files before encrypting devices. Foxconn is the largest electronics manufacturing company globally, with recorded revenue of $172 billion in 2019 and over 800,000 employees worldwide. Foxconn subsidiaries include Sharp Corporation, Innolux, FIH Mobile, and Belkin. BleepingComputer has been ...
- Ransomware attack cripples Vancouver public transportation agency
December 4, 2020
A ransomware attack has crippled the operations of TransLink, the public transportation agency for the city of Vancouver, Canada. The attack took place this week, on December 1, and has left Vancouver residents unable to use their Compass metro cards or pay for new tickets via the agency’s Compass ticketing kiosks. TransLink initially passed the incident as ...
- Ransomware gang says they stole 2 million credit cards from E-Land
December 3, 2020
Clop ransomware is claiming to have stolen 2 million credit cards from E-Land Retail over a one-year period ending with last months ransomware attack. E-Land Retail, a subsidiary of E-Land Global, operates numerous retail clothing stores, including New Core and NC Department Store. Last month, E-Land Retail had to shut down 23 NC Department Store and New ...
- Kmart, Latest Victim of Egregor Ransomware
December 3, 2020
Retail stalwart Kmart has suffered a ransomware attack at the hands of the Egregor gang, according to a report. The incident has encrypted devices and servers connected to the company’s networks, knocking out back-end services, according to BleepingComputer. The outlet obtained the purported ransom note that claims to have compromised Kmart’s Windows domain. The company was purchased ...
- K12 online schooling giant pays Ryuk ransomware to stop data leak
December 2, 2020
Online education giant K12 Inc. has paid a ransom after their systems were hit by Ryuk ransomware in the middle of November. K12 creates tailored online learning curriculums for students to learn from home while in kindergarten through 12th grade. Over 1 million students have utilized K12 to learn from home rather than in traditional public ...
- The Impact of Modern Ransomware on Manufacturing Networks
December 1, 2020
Ransomware threats have disrupted the manufacturing industry significantly in 2020. In a disturbing trend during the third quarter of the year, attackers appeared to be singling out manufacturing organizations as a victim of choice in their ransomware operations. Ransomware threats have disrupted the manufacturing industry significantly in 2020. These attacks have resulted in substantial losses in ...