Akira Ransomware Banks $42 Million in Ransom Payments Over a Single Year - #Akira
The Akira ransomware group has emerged as a significant cyber threat, targeting over 250 organizations across North America, Europe, and Australia since early 2023. Initially focusing on Windows systems, the group has expanded its operations to include Linux variants, particularly targeting VMware ESXi virtual machines. Akira has amassed approximately $42 million in ransom payments by employing sophisticated tactics such as exploiting vulnerabilities in VPN services, credential harvesting, and disabling security software. The group deploys multiple ransomware variants simultaneously, using a hybrid encryption scheme and exfiltrating data before encryption for double extortion. Cybersecurity agencies have issued advisories detailing Akira's tactics, techniques, and procedures, urging organizations to implement robust security measures to mitigate the risks posed by this evolving threat.