"Akira Ransomware: Lightning-Fast Data Exfiltration in 2-ish Hours"

According to the BlackBerry Threat Research and Intelligence Team, "Akira" ransomware actors can now exfiltrate data from victims in just over two hours, a significant change in the average time it takes a cybercriminal to get to the stage where they collect information. BlackBerry's analysis of a June Akira ransomware attack on a Latin American airline reveals that the threat actor used the Secure Shell (SSH) protocol to gain initial access through an unpatched Veeam backup server and stole information before launching the Akira ransomware the following day. "Storm-1567," also known as "Punk Spider" and "Gold Sahara," is suspected of having been behind the attack. The group is a prolific user of the Akira Ransomware-as-a-Service (RaaS) and maintains the Akira leak site. This article continues to discuss recent findings regarding Akira ransomware actors and the overall shrinking of the time-to-exfiltration.

Dark Reading reports "Akira Ransomware: Lightning-Fast Data Exfiltration in 2-ish Hours"

Submitted by grigby1