Akira breaches 2 more victims, the Blackburn College in the UK and the Vincentz Network in Germany. The latter is part of a multinational conglomerate dealing with geriatric care, paint industry, automotive services, furniture and woodworking, etc.
Akira is among the most active and aggressive ransomware operators. The organization is relatively young, as it first emerged publicly in March of 2023. While its main targets are on US and Canadian soil, the group often hits across the ocean as well.
Despite being a newcomer in the ransomware sphere, Akira quickly rose to become one of the most feared actors in the world. This is partly due to its connections with the now defunct Conti, with some suggesting an immigration of technology and manpower from Conti.
Despite these rumors, nothing has been verified yet. Akira continues to remain impenetrable to scrutiny and operate with as much impunity as ever.
We believe security online security matters and its our mission to make it a safer place.
The group shares name similarities with another Akira group that was primarily active in 2017. That ransomware family didn’t last very long, but was fairly active across its lifespan and shared the same .akira file extension as this novel version.
However, it seems like this is the only connection between the 2 organizations. This new group appears to be a Conti successor, as evidence pinpoints at former Conti operators now working for Akira.
Akira’s MO also points in that direction, as the group shares the same file encryption pattern and avoids the same file extensions that Conti did. The group’s motivations also seem to be purely financial, with ransoms ranging between $200,000 and $4 million.
Akira appears to target small and medium-sized victims, which make for more than 80% of the victims. Interestingly, one month after its conception, in June of 2023, Akira was responsible for over 500 hacking attempts.
The numbers went down significantly, as low as 80 attempts per month in the following months. According to the reports, France seems to be the most affected, registering 360 attacks in 2023.