
Ransomware Gang Akira leaks unprecedented number of victims’ data in one day

| Category | Details |
| --- | --- |
| Threat Actors | Akira ransomware Group (Ransomware-as-a-Service). |
| Campaign Overview | Published data from 35 victims in a single day, 32 of which were new, signaling aggressive operations and an expanding profile in the cybercrime ecosystem. |
| Target Regions | Majority in the U.S., with additional victims in Canada, Germany, the UK, and other locations. |
| Methodology | Stealing and encrypting data, extorting victims through a leak site styled as an 80s command-line interface. Offers victims time for ransom negotiation before leaking. |
| Product Targeted | Business services sector and others; no specific products identified in the report. |
| Malware Reference | Akira ransomware. |
| Tools Used | Leak site with a “news” section for extortion and a “leaks” section for publishing data. |
| Vulnerabilities Exploited | Not specified, but likely involves exploiting enterprise security weaknesses for initial access and lateral movement. |
| TTPs | Ransomware deployment, data theft for extortion, aggressive publishing of victim data, possible coordination with experienced affiliates. |
| Attribution | Akira ransomware group, active since March 2023, likely composed of experienced ransomware actors. |
| Recommendations | Strengthen data encryption and ransomware defenses, closely monitor for leak site activity, and improve incident response strategies. |
| Source | The Record |


Disclaimer: The above summary has been generated by an AI language model.

Source: The Record from Recorded Future News

Published on: November 18, 2024
