The Akira ransomware gang has emerged as a significant threat to businesses and critical infrastructure entities across North America, Europe, and Australia, according to a recent joint cybersecurity advisory issued by the United States Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL).
TLDR
- The Akira ransomware gang has attacked over 250 organizations since March 2023, earning approximately $42 million in ransoms.
- Akira initially targeted Windows systems but has recently deployed a Linux variant targeting VMware ESXi virtual machines, which are widely used by large businesses and organizations.
- The gang exploits known Cisco vulnerabilities and uses spearphishing campaigns to breach organizations, disabling security software to avoid detection while moving laterally…