Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia. In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting VMware ESXi virtual machines.
As of January 1, 2024, the ransomware group has impacted over 250 organizations and claimed approximately $42 million USD in ransomware proceeds. Early versions of the Akira ransomware variant were written in C++ and encrypted files with a .akira extension; however, beginning in August 2023, some Akira attacks began deploying Megazord, using Rust-based code which encrypts files with a .powerranges extension.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- Apple Pressured to Pay Ransom by Hackers Threatening to Remotely Wipe iPhones
March 22, 2017
Apple is currently under pressure to pay a ransom to a group of hackers who are threatening to remotely wipe iPhones. It seems the hackers are identifying themselves as “Turkish Crime Family.” Taking into account just how big Apple is and how deep its pockets go, the hackers only demanded $75,000 in Bitcoin or Ethereum, another ...
- New Spam Campaign via Necurs Botnet Tries to Manipulate the Stock Market
March 21, 2017
The Necurs botnet is known as the largest spam botnet in the world, particularly for distributing Locky ransomware and Dridex. Now, it looks like Necurs is taking on a new role as someone tries to manipulate the stock market. The discovery was made by Cisco’s threat intelligence organization Talos, which notes that after being offline for ...
- Cyber security: Experts warn on rise of hacker ransoms
March 14, 2017
Smartphones, watches, televisions and fitness trackers could be used to hold people to ransom over personal data, cyber security experts have warned. Ransomware, which makes devices unusable until their owners pay to unlock them, has become increasingly prevalent in the past year, they say. Devices holding photos, emails and fitness information could be targeted. The risk to business ...
- Ransomware Took Down Washington DC CCTV Days Before Trump’s Inauguration
January 30, 2017
Just days before the inauguration of President Trump, the storage devices recording data from the D.C. Police surveillance cameras were infected by hackers. According to the Washington Post, some 70 percent of the abovementioned storage devices had been infected, which forced citywide reinstallation efforts, especially since it all happened eight days before one of the largest ...