New Akira Ransomware

Since April 2023, a new ransomware strain called Akira has been on the rise, with at least 16 publicly disclosed victims. Researchers from Cyble Research and Intelligence Labs (CRIL) identified the strain through a Reddit thread. Akira's threat actors are using double extortion techniques to maximize profits, including through their own data leak site. According to CRIL, the Akira ransomware homepage has a "‘news’ command that reveals a comprehensive list of 16 victim organizations targeted by the group as of May 5th. The stolen information is summarized for each organization and can be viewed on the same page." Additionally, Akira's 'leaks' section on their data leak site allows downloads of data from five victims who refused to pay the ransom. Akira has affected a range of industries, including construction, education, financial services, healthcare, insurance, and manufacturing.