Ransomware
Akira
First seen: 2023-03 • Status: active
Currently Active Threat
Akira ransomware uses a cool retro look for their website but does serious damage to small and medium businesses.
Overview
Akira is a ransomware group with possible ties to Conti. They target SMBs and use a retro 1980s aesthetic for their leak site.
Also Known As
Akira Ransomware
How It Spreads
- • VPN exploitation
- • Valid credentials
- • Cisco vulnerabilities
What It Does
- • File encryption
- • Data theft
- • Double extortion
Is your business exposed?
Target Platforms
Windows, Linux
Detection Tips
- • Secure VPN devices
- • Monitor for Akira indicators
MITRE ATT&CK Techniques
T1486, T1567, T1133
If You're Infected
- 1.
Patch VPN appliances
- 2.
Audit VPN access logs
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required