Tanzeel Akhtar

Last updated:

| 1 min read

FBI, Europol Say Akira Ransomware Has Drained $42M from 250 Firms

Akira, a ransomware group, has drained $42 million from 250 firms since March 2023, said the Federal Bureau of Investigation (FBI), Europol, CISA, Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL) in a joint statement.

Ransomware is a type of malware which prevents you from accessing your device and the data stored on it, usually by encrypting your files.

In an announcement, the national security organizations said Akira Akira ransomware has impacted businesses in North America, Europe, and Australia.

“In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting VMware ESXi virtual machines. As of January 1, 2024, the ransomware group has impacted over 250 organizations and claimed approximately $42 million USD in ransomware proceeds,” said the FBI, EC3, NCSC-NL in a joint statement,

In the statement, the security forces reveal technical details about the attacks.

“The early versions of the Akira ransomware variant were written in C++ and encrypted files with a .akira extension; however, beginning in August 2023, some Akira attacks began deploying Megazord, using Rust-based code which encrypts files with a .powerranges extension. Akira threat actors have continued to use both Megazord and Akira, including Akira_v2 (identified by trusted third-party investigations) interchangeably.”

In February, the website of major crypto ransomware operator LockBit was taken down in a coordinated effort by international enforcement agencies. The message displayed on the site confirms it is now “under control of law enforcement.”

The operation, involving the UK’s National Crime Agency (NCA), the FBI and Europol, and a wider international coalition, targeted the website itself, replacing its content with a statement claiming its control.

According to the Chainalysis 2024 Crypto Crime Report 2023 marks a major comeback for ransomware, with record-breaking payments and a substantial increase in the scope and complexity of attacks — a significant reversal from the decline observed in 2022.

As a result of these attacks and others, ransomware gangs reached an unprecedented milestone, surpassing $1 billion in extorted cryptocurrency payments from victims.