Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia. In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting VMware ESXi virtual machines.
As of January 1, 2024, the ransomware group has impacted over 250 organizations and claimed approximately $42 million USD in ransomware proceeds. Early versions of the Akira ransomware variant were written in C++ and encrypted files with a .akira extension; however, beginning in August 2023, some Akira attacks began deploying Megazord, using Rust-based code which encrypts files with a .powerranges extension.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- Georgia county pays a whopping $400,000 to get rid of a ransomware infection
March 9, 2019
Officials in Jackson County, Georgia, paid $400,000 to cyber-criminals this week to get rid of a ransomware infection and regain access to their IT systems. The ransomware hit the county’s internal network last week, on Friday, March 1, 11Alive reported on Wednesday. The infection forced most of the local government’s IT systems offline, with the exception of its website and 911 ...
- Data-Wiping Cyberattacks Plague Financial Firms
March 6, 2019
Over a quarter of surveyed financial institutions reported that they were targeted by destructive cyberattacks over the past year, bent on completely destroying data. That’s according to a new Carbon Black report unveiled at RSA this year. The report, “Modern Bank Heists: The Bank Robbery Shifts to Cyberspace,” outlines the top attacks that financial firms are facing ...
- Ransomware encrypts Australian cardiac clinic’s patient files
February 21, 2019
Employees of Melbourne Heart Group in Malvern, Australia, have been unable to access patients’ medical records following a January ransomware attack that encrypted the health care provider’s files. The cardiology clinic disclosed the incident today on its website’s home page. “We have been assured that no patient’s privacy has been compromised in any way,” the statement reads. ...
- Theoretical Ransomware Attack Could Lead to Global Damages Says Report
January 29, 2019
According to a speculative cyber risk scenario prepared by Cambridge University for risk management purposes, a ransomware strain that would manage to impact more than 600,000 businesses worldwide within 24 hours would potentially lead to damages of billions not covered by insurers. First of all, it is important to understand that although the numbers look very scary, this type of ...
- Global ransomware could cost almost $200bn
January 29, 2019
A global ransomware attack could cost $193 billion and affect more than 600,000 businesses worldwide, according to a new report. The report is called ‘Bashe Attack: Global infection by contagious malware’ and has been compiled by a Singapore-based public-private initiative called Cyber Risk Management. Lloyds of London is one of the initiatives founding members and posted ...
- GandCrab ransomware and Ursnif virus spreading via MS Word macros
January 21, 2019
Security researchers have discovered two separate malware campaigns, one of which is distributing the Ursnif data-stealing trojan and the GandCrab ransomware in the wild, whereas the second one is only infecting victims with Ursnif malware. Though both malware campaigns appear to be a work of two separate cybercriminal groups, we find many similarities in them. Both attacks start from phishing ...