Two Alleged Victim In Cyber Breach
The notorious Akira ransomware group has claimed two more victims, adding them to its list of Akira ransomware attacks. The claims were posted on a dark web forum where the threat actor boldly claimed the attack.
However, upon inspection of both victim websites, it was evident that the ransomware attack had not impacted the front end, as both sites remained accessible at the time of writing.
Akira Ransomware Attack: Two More Victims Added
On December 6, 2023, Compass Group Italia, an Italian-based company offering a diverse range of services to various sectors, allegedly fell prey to the Akira ransomware attack. The hackers infiltrated the company’s digital fortress, obtaining a staggering 107GB of sensitive data. This trove includes financial records, HR files, legal documents, and personal information, putting the company’s integrity at stake.
Simultaneously, Aqualectra Utility, the government-owned utility provider in Curacao, witnessed a breach of its digital infrastructure. With data soon to be available for download, the Akira ransomware attack on Aqualectra Utility compromised operational files, business documents, and a plethora of payment records. The breach threatens the security and privacy of over 80,000 households and companies relying on Aqualectra’s water and electricity services.
The Cyber Express, in pursuit of the truth, reached out to both Compass Group Italia and Aqualectra Utility for insights into the Akira ransomware attack. However, as of now, no official statements or responses have been received from the affected companies, leaving the claims of the attack unverified.
Akira Ransomware Tactics
Akira ransomware is gaining notoriety as one of the fastest-growing threats in the online world. Employing double extortion tactics and utilizing a ransomware-as-a-service (RaaS) distribution model, Akira is swiftly becoming a formidable force in the realm of cyber threats. The group’s unique payment options contribute to its rapid rise in the world of cybercrime.
A recent report analyzing blockchain and source code data indicates that the Akira ransomware group may be affiliated with the now-defunct Conti ransomware gang. Conti, known for its notorious exploits, is believed to be a descendant of the infamous Ryuk ransomware, emphasizing the evolving nature of ransomware tactics.
Akira ransomware, emerging in March 2023, has primarily targeted companies based in the US and Canada. Its Tor leak site boasts a distinctive retro appearance reminiscent of “1980s green-screen consoles.” According to a report from Sophos, navigation of the site requires specific commands, adding a layer of uniqueness to Akira’s approach.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
