Recent surge in Akira ransomware attacks targets SonicWall firewall devices, potentially exploiting a zero-day vulnerability. Security experts recommend disabling SonicWall SSL VPNs and applying security measures until patches are available. #Akira #SonicWallVulnerability
Keypoints
- Akira ransomware has targeted SonicWall devices since July 2024, exploiting a suspected zero-day vulnerability.
- The ransomware group has claimed over $42 million in ransom payments from more than 250 victims globally.
- Attacks often start with unauthorized access via SonicWall SSL VPN connections, possibly through a zero-day or credential theft.
- Cybersecurity authorities advise temporarily disabling SonicWall SSL VPN and enhancing security measures.
- SonicWall urged users to patch SMA 100 appliances against a critical flaw (CVE-2025-40599) to prevent exploitation.