Meet Akira — A new ransomware operation targeting the enterprise

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Content source
https://www.bleepingcomputer.com/news/security/meet-akira-a-new-ransomware-operation-targeting-the-enterprise/
The new Akira ransomware operation has slowly been building a list of victims as they breach corporate networks worldwide, encrypt files, and then demand million-dollar ransoms.
Launched in March 2023, Akira claims to have already conducted attacks on sixteen companies. These companies are in various industries, including education, finance, real estate, manufacturing, and consulting.

While another ransomware named Akira was released in 2017, it is not believed that these operations are related.

The Akira encryptor​


A sample of the Akira ransomware was discovered by MalwareHunterTeam, who shared a sample with BleepingComputer so we could analyze it.
When executed, Akira will delete Windows Shadow Volume Copies on the device by running the following PowerShell command:
...
... ...
Click to expand...

At the time of this writing, Akira has leaked the data for four victims on their data leak site, with the size of the leaked data ranging from 5.9 GB for one company to 259 GB for another.
From negotiations seen by BleepingComputer, the ransomware gang demands ransoms ranging from a $200,000 to millions of dollars.

They are also willing to lower ransom demands for companies who do not need a decryptor, and just want to prevent the leaking of stolen data.
The ransomware is currently being analyzed for weaknesses, and BleepingComputer does not advise victims to pay the ransom until its determined if a free decryptor can recover files for free.
Click to expand...
 
  • Like
  • +Reputation
Reactions: upnorth, [correlate], Nevi and 6 others
You must log in or register to reply here.

Similar threads

[correlate]
    • Like
    • Wow
Akira ransomware targets Cisco VPNs to breach organizations
Replies
0
Views
1,145
News Archive
[correlate]
[correlate]
Gandalf_The_Grey
    • Like
    • Wow
US energy firm shares how Akira ransomware hacked its systems
Replies
0
Views
652
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Lymphocyte
    • Wow
    • +Reputation
    • Like
Security News Nissan confirms ransomware attack exposed data of 100,000 people
Replies
1
Views
670
Security News
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top