Akira Ransomware Breaches New Zealand’s Infosoft
Akira ransomware announced a new ransomware operation against Infosoft, a New Zealand-based software designer. The original post mentioned that the victim’s files would be available for download soon. This suggests that negotiations have failed.
- Infosoft is a software developer with a rich history in its market
- According to Akira’s post, the attack resulted in important data leaks
- Some of the data the hackers managed to obtain includes operational files, confidential project schematics, and personal information
- It’s unclear whether the attackers also managed to steal client-related information, and Infosoft hasn’t commented on the incident yet
There is also no clear information on the value of the ransom, but it is presumed to be considerably high. While Akira does adjust the ransom to the victim’s paying capabilities, it is well-known that the actor doesn’t play.
Akira is famous in the ransomware sphere as often demanding outlandish ransoms, sometimes ranging in the hundreds of millions. They are also quite blunt and unforgiving in negotiations, which gives them a scarier reputation overall.
Akira’s activity has been on the rise recently despite the FBI targeting ransomware organizations over the past several months. The law enforcement agency first infiltrated Lockbit, seizing their website and recovering numerous decryption keys.
The infamous BlackCat (ALPHV) followed shortly in the same manner, along with other smaller groups. Despite that, Akira appears to be undisturbed and carries on its business as usual.
Why Is Akira So Dangerous?
In the eyes of the non-initiate, Akira may not seem all that different from all the other ransomware groups in the sphere. But it is. There are several areas where Akira diverges from the norm considerably, including:
Constant Upgrades
It’s safe to say that Akira is very self-aware and realizes that it needs to upgrade its systems, tools, and tactics regularly to keep up with the advancements in cybersecurity. And that’s exactly what it does.
Akira’s efforts in updating its tools and systems are what allow it to remain on top of its game. It’s also what explains the organization’s ability to attack and infiltrate high-value targets consistently.
Its Effectiveness
Specialists have noticed that Akira switched from a double-extortion practice to a simple extortion one. The organization appears to no longer use system encryption during its operations.
Instead, it only steals data and negotiates for its deletion. The theory is that Akira does this thanks to its improved systems, which allow it to download more sensitive information than ever before. That alone comes with sufficient negotiation leverage.
The Unpredictability
Akira is very unpredictable, hitting multiple targets across various industries. They are only motivated by financial gains and will use every means at their disposal to ensure successful breaching.
These factors paint Akira as a resilient, elusive, and dangerous ransomware actor with a lot of aces up its sleeve. This last ransomware attack is but a sample of what Akira can really do.
If you believe you qualify as a potential ransomware victim, contact cybersecurity experts to help with your defenses. This is the most effective way of ensuring your and your business’s safety.
Our Mission
We believe security online security matters and its our mission to make it a safer place.
