Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
12 résultats taggé Akira  ✕
Akira doesn’t keep its promises to victims — SuspectFile https://databreaches.net/2025/06/02/akira-doesnt-keep-its-promises-to-victims-suspectfile/
04/06/2025 13:17:35
QRCode
archive.org

Over on SuspectFile, @amvinfe has been busy exposing Akira’s false promises to its victims. In two posts this week, he reports on what happened with one business in New Jersey and one in Germany that decided to pay Akira’s ransom demands. He was able to report on it all because Akira failed to secure its negotiations chat server. Anyone who knows where to look can follow along if a victim contacts Akira to try to negotiate any payment for a decryptor or data deletion.

In one case, the victim paid Akira $200k after repeatedly asking for — and getting — assurances that this would all be kept confidential. In the second case, Akira demanded $6.9 million but eventually accepted that victim’s offer of $800k. The negotiations made clear that Akira had read the terms of the victim’s cyberinsurance policy and used that to calculate their demands.

If the two victims hoped to keep their names or their breaches out of the news, they may have failed. Although SuspectFile did not name them, others with access to the chats might report on the incidents. Anyone who read the chats would possess the file lists of everything Akira claimed to have exfiltrated from each victim. Depending on their file-naming conventions, filenames may reveal proprietary or sensitive information and often reveal the name of the victim.

So the take-home messages for current victims of Akira:

Akira has not been keeping its negotiations with you secure and confidential.
Paying Akira’s ransom demands is no guarantee that others will not obtain your data or find out about your breach.
Even just negotiating with Akira may be sufficient to provide researchers and journalists with data you do not want shared.
If you pay Akira and they actually give you accurate information about how they gained access and elevated privileges, you are now more at risk from other attackers while you figure out how to secure your network.

databreaches EN 2025 Akira ransomware promises
Hitachi Vantara takes servers offline after Akira ransomware attack https://www.bleepingcomputer.com/news/security/hitachi-vantara-takes-servers-offline-after-akira-ransomware-attack/
04/05/2025 13:08:23
QRCode
archive.org
thumbnail

Hitachi Vantara, a subsidiary of Japanese multinational conglomerate Hitachi, was forced to take servers offline over the weekend to contain an Akira ransomware attack.

The company provides data storage, infrastructure systems, cloud management, and ransomware recovery services to government entities and some of the world's biggest brands, including BMW, Telefónica, T-Mobile, and China Telecom.

In a statement shared with BleepingComputer, Hitachi Vantara confirmed the ransomware attack, saying it hired external cybersecurity experts to investigate the incident's impact and is now working on getting all affected systems online.

"On April 26, 2025, Hitachi Vantara experienced a ransomware incident that has resulted in a disruption to some of our systems," Hitachi Vantara told BleepingComputer.

"Upon detecting suspicious activity, we immediately launched our incident response protocols and engaged third-party subject matter experts to support our investigation and remediation process. Additionally, we proactively took our servers offline in order to contain the incident.

"We are working as quickly as possible with our third-party subject matter experts to remediate this incident, continue to support our customers, and bring our systems back online in a secure manner. We thank our customers and partners for their patience and flexibility during this time."

bleepingcomputer EN 2025 Akira Cyberattack Hitachi Hitachi-Vantara Ransomware
Akira ransomware can be cracked with sixteen RTX 4090 GPUs in around ten hours — new counterattack breaks encryption | Tom's Hardware https://www.tomshardware.com/tech-industry/cyber-security/akira-ransomware-cracked-with-rtx-4090-new-exploit-to-brute-force-encryption-attack
17/03/2025 21:20:17
QRCode
archive.org
thumbnail

Tinyhack publishes a full how-to guide on brute-forcing past the Akira ransomware's encryption attack and freeing captive files.

tomshardware EN 2025 Akira ransomware RTX4090 ceack Tinyhack brute-forcing
Fog ransomware targets SonicWall VPNs to breach corporate networks https://www.bleepingcomputer.com/news/security/fog-ransomware-targets-sonicwall-vpns-to-breach-corporate-networks/
27/10/2024 15:39:07
QRCode
archive.org
thumbnail

Fog and Akira ransomware operators have increased their exploitation efforts of CVE-2024-40766, a critical access control flaw that allows unauthorized access to resources on the SSL VPN feature of SonicWall SonicOS firewalls.

bleepingcomputer EN 2024 Akira CVE-2024-40766 Firewall Fog-Ransomware SonicWall SSL-VPN
Akira ransomware continues to evolve https://blog.talosintelligence.com/akira-ransomware-continues-to-evolve/
26/10/2024 13:05:58
QRCode
archive.org
thumbnail

As the Akira ransomware group continues to evolve its operations, Talos has the latest research on the group's attack chain, targeted verticals, and potential future TTPs.

talosintelligence EN 2024 Akira analysis ransomware group TTPs
Arctic Wolf Observes Akira Ransomware Campaign Targeting SonicWall SSLVPN Accounts https://arcticwolf.com/resources/blog/arctic-wolf-observes-akira-ransomware-campaign-targeting-sonicwall-sslvpn-accounts/
10/09/2024 08:26:42
QRCode
archive.org
thumbnail

In recent threat activity observed by Arctic Wolf, Akira ransomware affiliates carried out ransomware attacks with an initial access vector involving the compromise of SSLVPN user accounts on SonicWall devices.

arcticwolf EN 2024 SonicWall Akira SSLVPN ransomware CVE-2024-40766
Kasseika Ransomware Deploys BYOVD Attacks Abuses PsExec and Exploits Martini Driver  https://www.trendmicro.com/en_us/research/24/a/kasseika-ransomware-deploys-byovd-attacks-abuses-psexec-and-expl.html
31/01/2024 12:00:59
QRCode
archive.org
thumbnail

In this blog, we detail our investigation of the Kasseika ransomware and the indicators we found suggesting that the actors behind it have acquired access to the source code of the notorious BlackMatter ransomware.  

trendmicro EN 2024 reports ransomware research BYOVD PsExec Kasseika Akira Martini
Follow-On Extortion Campaign Targeting Victims of Akira and Royal Ransomware https://arcticwolf.com/resources/blog/follow-on-extortion-campaign-targeting-victims-of-akira-and-royal-ransomware/
11/01/2024 20:46:01
QRCode
archive.org
thumbnail

Arctic Wolf Labs has investigated several cases where ransomware victims are being targeted for follow-on extortion attempts by threat actors who are aware of ransom attack details.

arcticwolf 2024 Extortion Campaign fake expert ransomware Akira Royal
Decrypted: Akira Ransomware https://decoded.avast.io/threatresearch/decrypted-akira-ransomware/
03/07/2023 07:29:08
QRCode
archive.org
thumbnail

Researchers for Avast have developed a decryptor for the Akira ransomware and released it for public download. The Akira ransomware appeared in March 2023 and since then, the gang claims successful attacks on various organizations in the education, finance and real estate industries, amongst others.

avast EN 2023 Akira decryptor Windows ransomware
Akira Ransomware Extends Reach to Linux Platform https://blog.cyble.com/2023/06/28/akira-ransomware-extends-reach-to-linux-platform/
28/06/2023 14:45:02
QRCode
archive.org
thumbnail

Cyble Research & Intelligence Labs examines the Linux variant of Akira Ransomware and assesses its impact on various sectors.

cyble EN 2023 Akira Ransomware Linux
Akira Ransomware is “bringin’ 1988 back” https://news.sophos.com/en-us/2023/05/09/akira-ransomware-is-bringin-88-back/
12/05/2023 10:55:46
QRCode
archive.org
thumbnail

A new recently observed ransomware family dubbed Akira uses a retro aesthetic on their victim site very reminiscent of the 1980s green screen consoles and possibly takes its namesake from the popular 1988 anime film of the same name.

sophos EN 2023 Akira ransomware analysis
Meet Akira — A new ransomware operation targeting the enterprise https://www.bleepingcomputer.com/news/security/meet-akira-a-new-ransomware-operation-targeting-the-enterprise/
07/05/2023 18:35:50
QRCode
archive.org
thumbnail

The new Akira ransomware operation has slowly been building a list of victims as they breach corporate networks worldwide, encrypt files, and then demand million-dollar ransoms.

Akira Data-Leak-Site Extortion Ransomware Security InfoSec Computer-Security
4395 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio