A year-old ransomware group known as Akira has breached over 250 organizations, extracting approximately $42 million in ransomware proceeds, as per alerts from top global cybersecurity agencies.
Investigations led by the United States Federal Bureau of Investigation (FBI) reveal that Akira ransomware has been targeting businesses and critical infrastructure entities across North America, Europe, and Australia since March 2023. Akira initially focused on Windows systems, but the FBI recently discovered a Linux variant as well.
The FBI, alongside the Cybersecurity and Infrastructure Security Agency (CISA), Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL), issued a joint cybersecurity advisory (CSA) to inform the public about the threat.
According to the advisory, Akira gains initial access through vulnerable pre-installed virtual private networks (VPNs) lacking multifactor authentication (MFA). Subsequently, it extracts credentials and sensitive data before encrypting systems and presenting a ransom note.
Akira threat actors do not leave initial ransom demands or payment instructions on compromised networks; they provide this information only once victims contact them. They demand payments in Bitcoin (BTC) from victim organizations to restore access. After gaining access, they often disable security software to avoid detection.
The advisory outlines several threat mitigation techniques, including the implementation of recovery plans and MFA, network traffic filtering, disabling unused ports and hyperlinks, and system-wide encryption. The agencies stress the importance of continuous security testing at scale in a production environment to counter identified MITRE ATT&CK techniques.
Previously, the FBI, CISA, NCSC, and the U.S. National Security Agency (NSA) issued alerts concerning malware targeting cryptocurrency wallets and exchanges. Notably, the report highlights data extraction from directories of the Binance and Coinbase exchange applications and the Trust Wallet application, irrespective of file type.