Akira Ransomware Gang Targets Linux Servers, Extorts $42 Million

The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on Windows systems but later shifted its attention to Linux servers, mainly targeting VMware ESXi virtual machines. The ransomware leverages different methods for initial access to target networks, such as exploiting known flaws in Cisco appliances, spear phishing, and abusing VPN services lacking multi-factor authentication protections. It also utilizes various tools for setting up persistence, privilege escalation, and lateral movement within networks.LinuxSecurity – Security ArticlesRead More