The Akira ransomware group has amassed over $244 million through its cyberattacks, targeting critical infrastructure and business systems worldwide. They utilize sophisticated methods, including vulnerability exploitation and credential theft, to gain access and deploy ransomware on vulnerable systems.
Key points
- The Akira group primarily targets VMware ESXi servers and has expanded to other vulnerabilities in 2025.
- They exploit multiple vulnerabilities, including CVE-2024-40766 and CVE-2023-28252, for initial access.
- The hackers use credential theft, password spraying, and brute-force attacks to compromise networks.
- Once inside, they escalate privileges, create admin accounts, and exfiltrate data rapidly.
- They deploy ransomware with specific extensions, leave ransom notes, and frequently bypass security defenses.
Read More: https://www.securityweek.com/akira-ransomware-group-made-244-million-in-ransom-proceeds/