Akira

Also known as Akira v2
Reports
80
First seen
May 22
Last seen
Jun 26
Motivation
financial, extortion, financial extortion

Targeting

Sectors
manufacturing ×10other ×5professional services ×5retail ecommerce ×4hospitality ×4financial services ×3media entertainment ×2healthcare ×2
Victim regions
United States ×23Guyana ×2Germany ×1Japan ×1United Kingdom ×1

Top ATT&CK techniques

T1486 Data Encrypted for Impact ×17T1566 Phishing ×11T1021 Remote Services ×9T1190 Exploit Public-Facing Application ×8T1078 Valid Accounts ×7T1110 Brute Force ×6T1021.001 Remote Services: Remote Desktop Protocol ×6T1133 External Remote Services ×6T1195 Supply Chain Compromise ×6T1562 Impair Defenses ×6T1562.001 Impair Defenses: Disable or Modify Tools ×5T1136 Create Account ×4

Indicators

filename ×120domain ×87cve ×46ip_v4 ×38hash_sha256 ×12hash_sha1 ×4registry_key ×3hash_md5 ×2

Indicator values are available on Pro and via the API.

Associated CVEs

Recent reports

High

Akira ransomware group publishes Precise Forms as victim

ransomware.live
High

Akira ransomware gang publishes JMS Southeast as victim

ransomware.live
Medium

Akira ransomware gang claims Padget Technologies as victim

ransomware.live
Medium

Akira ransomware publishes Jit Ex as new victim

ransomware.live
High

Akira ransomware gang publishes Miami Machine as victim

ransomware.live
High

Akira ransomware operators publish Leo International as new victim

ransomware.live
High

Akira ransomware gang publishes IH Engineers as victim

ransomware.live
High

Akira ransomware publishes NTD Apparel as victim

ransomware.live
High

Akira ransomware gang publishes Berg Lilly as victim

ransomware.live
High

Akira ransomware gang publishes Apptricity as victim

ransomware.live
High

Akira ransomware operators publish Smith Filter as new victim

ransomware.live
High

Akira ransomware gang publishes Insite Architects as victim

ransomware.live
High

Weekly Cybersecurity Recap: Chrome 0-Day, Oracle PeopleSoft Exploit, Supply Chain Attacks

The Hacker News
Medium

Akira ransomware gang publishes DDC Domus Design Collection as victim

ransomware.live
High

Akira Ransomware Affiliate Exploits Hypervisor, Uses LimeWire for Data Exfiltration

Huntress Blog
High

Akira ransomware claims Port Air Express as victim

ransomware.live
High

Akira ransomware publishes The Midland Theatre as victim

ransomware.live
High

Akira ransomware gang publishes Associated Investor Services as victim

ransomware.live
High

Akira ransomware publishes Spray Equipment & Service Center as victim

ransomware.live
Critical

New Veeam Backup & Replication RCE Vulnerability Affects Domain-Joined Servers

Bleeping Computer
High

Akira ransomware gang publishes Rockaway River Country Club as victim

ransomware.live
High

Akira ransomware gang publishes SMPC Architects as victim

ransomware.live
High

Akira ransomware gang publishes Centre Ellipse as new victim

ransomware.live
High

Akira ransomware gang publishes HRC Sicherheitsdienste as victim

ransomware.live
High

Akira ransomware group claims Kennon Worldwide as victim

ransomware.live
High

Akira publishes Oaks Park as new victim

ransomware.live
High

Akira ransomware gang publishes T/CCI Manufacturing as victim

ransomware.live
High

Akira ransomware claims National Standard Parts Associates as victim

ransomware.live
High

Akira ransomware claims Northern Ohio Regional Multiple Listing Service

ransomware.live
High

Akira ransomware claims three US real-estate and country-club entities

ransomware.live

This page shows data on a 7-day delay. Free accounts get the full delayed feed; real-time reports, indicators, and the API start at $29/mo.