Akira ransomware has caused significant financial loss, with over $244 million in proceeds since late September 2025, and has demonstrated advanced tactics including data exfiltration in just over two hours. The ransomware exploits vulnerabilities in SonicWall, Veeam, and SSH, using various methods such as tunneling tools and remote access to breach networks. #AkiraRansomware #SonicWallVulnerabilities #VeeamExploitation
Keypoints
- Akira ransomware has accumulated over $244 million in ransom proceeds since September 2025.
- The group exploits SonicWall vulnerabilities, including CVE-2024-40766, to gain initial access.
- They also compromise networks via SSH, VPN credentials, and unpatched Veeam backup servers.
- Akira employs tunneling tools and remote access software to persist and evade detection.
- Organizations are advised to remediate vulnerabilities, enforce MFA, and maintain offline backups to mitigate risks.
Read More: https://www.infosecurity-magazine.com/news/akira-ransomware-244m-in-illicit/