FBI, Europol Say Akira Ransomware Has Drained $42M from 250 Firms

cryptonews.com:

Akira, a ransomware group, has drained $42 million from 250 firms since March 2023, said the Federal Bureau of Investigation (FBI), Europol, CISA, Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL) in a joint statement.

Ransomware is a type of malware which prevents you from accessing your device and the data stored on it, usually by encrypting your files.

In an announcement, the national security organizations said Akira Akira ransomware has impacted businesses in North America, Europe, and Australia.

“In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting VMware ESXi virtual machines. As of January 1, 2024, the ransomware group has impacted over 250 organizations and claimed approximately $42 million USD in ransomware proceeds,” said the FBI, EC3, NCSC-NL in a joint statement,

The FBI, along with our USG and foreign partners, is determined to #StopRansomware. Read this #CybersecurityAdvisory about Akira ransomware group, which has impacted over 250 organizations and claimed approximately $42 million in ransomware proceeds: https://t.co/mnsuJv2IU4 pic.twitter.com/HskVX43eSq

— FBI (@FBI) April 18, 2024

In the statement, the security forces reveal technical details about the attacks.

“The early versions of the Akira ransomware variant were written in C++ and encrypted files with a .akira extension; however, beginning in August 2023, some Akira attacks began deploying Megazord, using Rust-based code which encrypts files with a .powerranges extension. Akira threat actors have continued to use both Megazord and Akira, including Akira_v2 (identified by trusted third-party investigations) interchangeably.”

In February,