Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia. In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting VMware ESXi virtual machines.
As of January 1, 2024, the ransomware group has impacted over 250 organizations and claimed approximately $42 million USD in ransomware proceeds. Early versions of the Akira ransomware variant were written in C++ and encrypted files with a .akira extension; however, beginning in August 2023, some Akira attacks began deploying Megazord, using Rust-based code which encrypts files with a .powerranges extension.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- UK teen arrested for alleged role in MGM Resorts cyberattack
July 21, 2024
A 17-year-old boy from Walsall has been arrested in connection with the September 2023 cyberattack that crippled MGM Resorts for several days. The West Midlands Police, working alongside the FBI and the National Crime Agency (NCA), apprehended the teenager on Thursday, 18th July, on suspicion of violating the UK’s Computer Misuse Act and blackmail offenses. Authorities ...
- Cyber Crime Group Provides Ransomware Decryptor to Indonesian National Data Center
July 9, 2024
The cyber crime group that locked up an Indonesian national data center last month, impacting hundreds of government services, has opted to provide the ransomware decryptor for free. This was accompanied by an apology, but also a donation link exhorting the Indonesian government and public to show gratitude for their supposed generosity. “Brain Cipher” is a ...
- Cyber extortion sees huge rise – and small businesses are four times more likely to be hit
July 4, 2024
Cyber extortion remains the most prominent threat facing businesses of all sizes across all industries, a new report from Orange Cyberdefense has found. The 2024 Cy-Explorer report worryingly uncovered that the number of victims of cyber extortion scams has grown by 77% year on year. In Q1 of 2024 alone, there were 1,046 organizations that were ...
- UK and US cops band together to tackle Qilin’s ransomware shakedowns
June 25, 2024
UK and US cops have reportedly joined forces to find and fight Qilin, the ransomware gang wreaking havoc on the global healthcare industry. In early June, the notorious Russia-based crew attacked Synnovis, which provides pathology services to National Health Service’s London hospitals. The digital intrusion has led to the cancellation or postponement of surgeries for thousands ...
- Indonesian government says national data center was hit in ransomware attack – but it won’t pay up
June 25, 2024
The government of Indonesia has suffered a ransomware attack that crippled many of its organizations and caused quite a nuisance for its citizens – but says it won’t be held to ransom. Government officials confirmed its National Data Center (PDN) was struck on June 20, with the attack apparently organized by an affiliate of LockBit, with ...
- Stolen test data and NHS numbers published by Qilin hackers
June 21, 2024
A gang of cyber criminals causing huge disruption to multiple London hospitals has published sensitive patient data stolen from an NHS blood testing company. Overnight on Thursday, Qilin shared almost 400GB of the private information on their darknet site. The gang has been trying to extort money from NHS provider Synnovis since they hacked the firm ...