Skip to main content
Black Friday Sale - Get 40% off Vantage
Get Started
SubscribeLogin
Published loading...Updated

FBI Warns Akira Ransomware Stole $244M from Businesses

  • On Thursday, the Cybersecurity and Infrastructure Security Agency , Federal Bureau of Investigation , Department of Defense Cyber Crime Center and Department of Health and Human Services issued a joint advisory warning Akira encrypts Nutanix AHV virtual machines.
  • Akira ransomware affiliates gain initial access by stealing or brute-forcing VPN and SSH credentials on exposed routers and firewalls, exploiting SonicWall CVE-2024-40766 and targeting a VPN without multifactor authentication earlier this year.
  • Researchers observed Akira using nltest, AnyDesk, LogMeIn, Impacket and exploiting Veeam Backup & Replication CVE-2023-27532 and CVE-2024-40711 to delete backups and exfiltrate data within two hours via Ngrok.
  • Critical industries face active attacks as Akira exploits edge and backup vulnerabilities, with officials saying the group has claimed more than $244 million in proceeds and the FBI monitoring over 130 ransomware variants.
  • Officials cautioned that Akira collaborates with other threat groups and exploits six new vulnerabilities, urging stronger defenses against its double‑extortion model and Tor leak threats this month.
Insights by Ground AI

20 Articles

The RegisterThe Register
Center

Akira ransomware starts hitting Nutanix AHV

: Advisory updated as leading cybercrime crew opens up its target pool

Read Full Article
Tech RadarTech Radar
Center

Akira ransomware is now targeting Nutanix VMs - and scoring big rewards

Akira ransomware hackers are expanding their reach - and increasing their profits.

·United Kingdom
Read Full Article
CyberScoopCyberScoop
Center

FBI calls Akira ‘top five’ ransomware variant out of 130 targeting US businesses

Federal cyber authorities shared new details Thursday about the Akira ransomware group’s techniques, the tools it uses and vulnerabilities it exploits for initial access alongside the release of a joint cybersecurity advisory. Members of the financially motivated group, which initially appeared in March 2023, are associated with other threat groups, including Storm-1567, Howling Scorpius, Punk Spider, Gold Sahara, and may have connections with t…

Read Full Article
Cybersecurity DiveCybersecurity Dive
Center

Akira actively engaged in ransomware attacks against critical sectors

The group has stepped up threat activity by abusing edge devices and other tools, reaping hundreds of millions in illicit gains.

Read Full Article
BleepingComputerBleepingComputer
Center

CISA warns of Akira ransomware Linux encryptor targeting Nutanix VMs

US government agencies are warning that the Akira ransomware operation has been spotted encrypting Nutanix AHV virtual machines in attacks.

Read Full Article
TechGenezTechGenez

10 Proven Ways To Protect Yourself Online

(TechGenez) – With 5.4 billion internet users and cybercrime projected to reach $10.5 trillion annually by 2025 (Cybersecurity Ventures), online safety is no longer optional. It’s survival. Here are 10 proven ways to protect yourself online. Whether you’re banking in Europe, trading crypto in Asia, or streaming in America, the threats are identical: phishing, ransomware, [...]

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

cisa.gov broke the news in on Thursday, November 13, 2025.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

Cyber Security icon

Cyber Security

Hacking icon

Hacking

Business icon

Business

Technology icon

Technology

Cybercrimes icon

Cybercrimes

FBI icon

FBI

United States icon

United States

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal