Reconstructing an Akira Ransomware Kill Chain from Perimeter and Endpoint Logs, (Wed, May 27th)
Most Akira write-ups focus on the ransom note or the encryption routine. By the time those show up the interesting forensic work is over.
Akira
Ransomware
Ransomware active since 2023, targeting SMBs with a retro 1980s-themed leak site. Uses double-extortion tactics.
Also known as: akira ransomware, akira gang malware
AI Intelligence Brief cached
Related YARA Rules View all on YARA Rules page →
90-Day Activity
All Articles (4)
Last 90 Days
All Time
Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
Qilin, Akira and Dragonforce were responsible for 40% of 672 ransomware incidents reported in March, says Check Point
Researchers Observe Sub-One-Hour Ransomware Attacks
Halcyon says Akira is now capable of carrying out an entire ransomware attack in less than an hour
This month in security with Tony Anscombe – November 2025 edition
Data exposure by top AI companies, the Akira ransomware haul, Operation Endgame against major malware families, and more of this month's cybersecurity news