Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia. In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting VMware ESXi virtual machines.
As of January 1, 2024, the ransomware group has impacted over 250 organizations and claimed approximately $42 million USD in ransomware proceeds. Early versions of the Akira ransomware variant were written in C++ and encrypted files with a .akira extension; however, beginning in August 2023, some Akira attacks began deploying Megazord, using Rust-based code which encrypts files with a .powerranges extension.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- Linguistic Analysis Suggests WannaCry Hackers Could be From Southern China
May 29, 2017
It’s been almost four weeks since the outcry of WannaCry ransomware, but the hackers behind the self-spread ransomware threat have not been identified yet. However, two weeks ago researchers at Google, Kaspersky Lab, Intezer and Symantec linked WannaCry to ‘Lazarus Group,’ a state-sponsored hacking group believed to work for the North Korean government. Now, new research from ...
- Has WannaCry trashed reputations of leading cyber-security vendors?
May 25, 2017
There is no doubt that many organisations received an unwelcome penetration test of their security software in the form of the WannaCry ransomware attack. The question is, can security vendors survive with their reputations intact after what appears to be such a massive failure? SC Media UK had an opportunity to chat with the man who ...
- Cyber superweapons and Windows XP – 5 reasons why the NHS attack was so successful
May 18, 2017
The Wanna Decryptor (Wannacry) attack is being cited as the largest ransomware attack in history – it was certainly the largest and most disruptive cyber attack ever launched against the UK’s National Health Service (NHS). The attack, which struck organisations across the globe on May 14 2017, knocked 40 NHS hospitals offline and cut access to ...
- Cyber security stocks rise in wake of global ‘ransomware’ attack
May 16, 2017
A global “ransomware” attack disrupting factories, hospitals, shops and schools spurred investors on Monday to buy stocks expected to benefit from a pickup in cyber security spending by companies and government agencies. The cyber attack began spreading across the globe on Friday and by Monday had infected 300,000 computers in more than 150countries. “These attacks help focus ...
- Shadow Brokers teases more Windows exploits and cyberespionage data
May 16, 2017
A group of hackers that previously leaked alleged U.S. National Security Agency exploits claims to have even more attack tools in its possession and plans to release them in a new subscription-based service. The group also has intelligence gathered by the NSA on foreign banks and ballistic missile programs, it said. The Shadow Brokers was responsible for leaking ...
- Ransomware attack inflames intelligence scrutiny
May 16, 2017
The “Wanna Cry” ransomware attack producing global shockwaves has renewed focus on the activities of the National Security Agency (NSA) and how the government decides to disclose cyber vulnerabilities to the private sector. The ransomware campaign, which broke out on Friday and has spread to at least 150 countries and 300,000 machines, is widely believed to ...