Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia. In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting VMware ESXi virtual machines.
As of January 1, 2024, the ransomware group has impacted over 250 organizations and claimed approximately $42 million USD in ransomware proceeds. Early versions of the Akira ransomware variant were written in C++ and encrypted files with a .akira extension; however, beginning in August 2023, some Akira attacks began deploying Megazord, using Rust-based code which encrypts files with a .powerranges extension.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- Ukrainian Police Seize Servers of Software Firm Linked to NotPetya Cyberattack
July 5, 2017
Ukrainian National Police has released a video showing officers raiding company of M.E.Doc accounting software makers, whose systems have been linked to outbreak of Petya (NotPetya) ransomware that recently infected computers of several major companies worldwide. On 4th July, masked police officers from Ukrainian anti-cybercrime unit — carrying shotguns and assault rifles — raided the software ...
- Security researcher creates ‘vaccine’ against ransomware attack
June 28, 2017
A vaccination for the global cyber attack that infected thousands of machines in dozens of countries has been discovered by an American security researcher. The simple antidote to the Petya ransomware, which stops computers from being able to launch and demands a $300 (£234) payment, uses an empty folder to block the virus from working. It could prevent further ...
- Petya cyber attack: Ransomware spreads across Europe with firms in Ukraine, Britain and Spain shut down
June 27, 2017
Major firms, airports and government departments in Ukraine have been struck by a massive cyber attack which began to spread across Europe on Tuesday afternoon. In Ukraine, government departments, the central bank, a state-run aircraft manufacturer, the airport in Kiev and the metro network have all been paralysed by the hack. In the UK, the advertising firm WPP said ...
- Cyber security ‘as important as physical security’
June 23, 2017
A key figure in American business has urged all companies to take the cyber security threat more seriously after chastising his own accountant for paying a ransomware demand. Jorge Fernandez, VP global commerce for the Metro Atlanta Chamber, said it is time that firms took the same care in cyberspace as they do when installing physical ...
- University College London Suffers Major Ransomware Attack
June 16, 2017
The University College London (UCL) has been hit by a major ransomware attack on June 15, with the infection reaching personal and shared drives in the network. UCL admins explained in updates posted on the official website that the infection was most likely possible because of a zero-day, pointing out that antivirus systems failed to detect ...
- Apple Mac computers targeted by ransomware and spyware
June 13, 2017
Mac users are being warned about new variants of malware that have been created specifically to target Apple computers. One is ransomware that encrypts data and demands payment before files are released. The other is spyware that watches what users do and scoops up valuable information. Experts said they represented a threat because their creators were letting anyone ...