Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

The new ransomware strain is picking off big businesses one by one - and yours could be next

Ransomware

There’s a new ransomware player in town, targeting big businesses and demanding even bigger payouts from its victims.

The group, called Akira, was discovered by the MalwareHunterTeam, who discovered a sample of the encryptor and shared it with BleepingComputer. As per the researchers, Akira was launched in March 2023, and has since (by its own claims) raided 16 companies. 

Akira targets mostly enterprises, but doesn’t seem to favor any specific vertical, as so far it targeted firms in education, finance, real estate, manufacturing, and consulting industries.

Millions of dollars

Of those 16, Akira leaked data belonging to four, with the leaked databases varying in size, from roughly 6GB to more than 250GB.

The publication has also seen some of the negotiations communication Akira conducted with its victims, from which it learned that the ransom ranges from $200,000, to “millions of dollars”. However, the group is happy to lower its demands for firms that don’t need the decryptor and just want to make sure the attackers don’t leak sensitive data to the dark web.

Other than that, the group’s modus operandi is similar to what we’ve seen with other threat actors. It will first look for an opening in a corporate network (either by phishing login credentials from gullible employees, or by exploiting a flaw in hardware and software), and then move laterally to as many devices as possible. 

After gaining Windows domain admin credentials, the group would steal as many sensitive files as it can, before delivering the ransomware to all of the endpoints on the network. The payout is demanded in cryptocurrency. 

As usual, the best way to defend against ransomware attacks is to keep both software and hardware up to date, to install state-of-the-art antivirus and endpoint protection systems, and to educate the staff to be able to spot phishing and social engineering attacks. 

Via: BleepingComputer

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.