Alias Description | Votes |
---|---|
Black Basta is a possible alias for Akira. Black Basta is a notorious malware group known for its sophisticated ransomware attacks, which have targeted numerous high-profile entities. The group has demonstrated a remarkable ability to adapt their tactics, techniques, and procedures (TTPs), allowing them to effectively evade security defenses | 6 |
Conti is a possible alias for Akira. Conti is a notorious type of malware, specifically ransomware, that infiltrates computer systems to steal data and disrupt operations. The malicious software often spreads through suspicious downloads, emails, or websites, and once inside, it can hold data hostage for ransom. The Conti ransomware op | 6 |
Megazord is a possible alias for Akira. Megazord is a new variant of the Akira ransomware, first observed in deployment by Akira threat actors around August 2023. Initially focusing on Windows systems, the malware evolved to target Linux VMware ESXi virtual machines. Early versions of Akira were written in C++, encrypting files with an .a | 4 |
Hive is a possible alias for Akira. Hive is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It often enters undetected through dubious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. In one notable incident, an enti | 3 |
Powerranges is a possible alias for Akira. | 3 |
Akira_v2 is a possible alias for Akira. Akira_v2 is a variant of the Akira malware, identified and confirmed by trusted third-party investigations. The Akira threat actors were initially observed deploying the Windows-specific "Megazord" ransomware, with further analysis revealing that a second payload, later identified as Akira_v2, was c | 2 |
REvil is a possible alias for Akira. REvil, a notorious ransomware, emerged as a significant threat to cybersecurity in the context of an increasing trend towards the Ransomware as a Service (RaaS) model in 2020. It is connected with other first-stage malware such as Gootkit and Dridex, which pave the way for the REvil ransomware attack. T | 2 |
Akira Ransomware Gang is a possible alias for Akira. The Akira ransomware gang, a malicious threat actor in the cybersecurity landscape, has been actively involved in several high-profile cyber attacks. They use sophisticated techniques to infiltrate systems and steal sensitive data, posing significant threats to both private companies and government | 2 |
Trigona is a possible alias for Akira. Trigona was a significant strain of ransomware that emerged in 2022, known for its harmful effects on computer systems. The malware infiltrated systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it could steal personal information, disrupt ope | 2 |
Gold Sahara is a possible alias for Akira. | 2 |
Punk Spider is a possible alias for Akira. | 2 |
Karakurt is a possible alias for Akira. Karakurt is a malicious software (malware) that has been linked to significant data extortion activities. The malware is affiliated with the notorious Conti cybercrime syndicate and ITG23, which are known for their disruptive operations, including data theft and ransom demands. In 2023, there was a | 2 |
Zeon is a possible alias for Akira. Zeon, a known threat actor in the cybersecurity landscape, has been linked to several high-profile ransomware attacks. It was instrumental in crypting SVCReady and CargoBay loaders, observed in Quantum and Royal ransomware attacks respectively. Zeon has also employed third-party ransomware such as B | 2 |

Description | Association Type | Votes |
---|---|---|
The Blackbasta Malware is associated with Akira. BlackBasta is a notorious malware, particularly known for its ransomware attacks. The group behind it has been linked with other harmful software such as IcedID, NetSupport, Gozi, PikaBot, Pushdo, Quantum, Royal, and Nokoyawa. Artifacts and indicators of compromise (IoCs) suggest a possible relation | Unspecified | 4 |
The Cactus Malware is associated with Akira. Cactus is a malicious software (malware) known for its destructive capabilities, particularly in the form of ransomware attacks. It primarily infiltrates systems through suspicious downloads, emails, or websites and can cause severe damage by stealing personal information, disrupting operations, or | Unspecified | 3 |
The TrickBot Malware is associated with Akira. TrickBot is a notorious malware developed by cybercriminals to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites. This malicious software can steal personal information, disrupt operations, or even hold data hostage for ransom. Vladimir Dunaev, | Unspecified | 2 |
The IceFire Malware is associated with Akira. IceFire is a malicious software (malware) that has been detected as part of the Linux ransomware family. It was initially known for attacking Windows systems, but recent developments have seen it expand its reach to both Linux and Windows systems. The shift by IceFire to target Linux systems worldwi | Unspecified | 2 |
The Ryuk Malware is associated with Akira. Ryuk is a type of malware known as ransomware, which has been utilized by the threat group ITG23 for several years. This group has been notorious for crypting their malware, with crypters seen in use with other malware such as Trickbot, Emotet, Cobalt Strike, and Ryuk. In 2019, most ransomware inves | Unspecified | 2 |
The Werewolves Malware is associated with Akira. The Werewolves group, a new entrant into the malware scene, has been identified as a significant threat due to its use of LockBit3 ransomware and leaked Conti source code. The group, which was first reported by Russian cybersecurity firm F.A.C.C.T. in November 2023, began its operations in June 2023 | Unspecified | 2 |
The Ghost Malware is associated with Akira. "Ghost" refers to a sophisticated malware network that was discovered and dismantled in 2020 following a two-year investigation led by Europol and global law enforcement agencies. The network, also known as the Stargazers Ghost Network, was found to be operating through GitHub accounts, distributing | is related to | 2 |
The Blacksuit Malware is associated with Akira. BlackSuit is a malicious software (malware) that has been causing significant harm in the digital world. It infiltrates systems through dubious downloads, emails, or websites, and once inside, it can steal personal data, disrupt operations, or hold data hostage for ransom. BlackSuit malware, which i | Unspecified | 2 |

Description | Association Type | Votes |
---|---|---|
The Alphv Threat Actor is associated with Akira. Alphv, a threat actor also known as BlackCat, has been identified as a significant player in the cybercrime landscape. The group is responsible for numerous high-profile ransomware attacks, including a major breach of the Morrison Community Hospital, where they pilfered 5TB of data. Additionally, Al | Unspecified | 8 |
The Medusa Threat Actor is associated with Akira. Medusa, a prominent threat actor in the cybersecurity landscape, has been increasingly active with its ransomware attacks. The group made headlines in November 2023 when it leveraged a zero-day exploit for the Citrix Bleed vulnerability (CVE-2023-4966), leading to numerous compromises alongside othe | Unspecified | 4 |
The Blackbyte Threat Actor is associated with Akira. BlackByte, a threat actor believed to be an offshoot of the notorious Conti group, has been observed by cybersecurity experts exploiting a recently disclosed VMware ESXi vulnerability (CVE-2024-37085) to gain control over virtual machines and escalate privileges within compromised environments. This | Unspecified | 3 |
The Conti Team Threat Actor is associated with Akira. The Conti team, a threat actor group known for its malicious activities in the cyber realm, has seen significant developments and transformations over recent years. In September 2022, a splinter group from Conti Team One resurfaced under the name Royal Ransomware, conducting callback phishing attack | Unspecified | 2 |
The Vice Society Threat Actor is associated with Akira. Vice Society, a threat actor or hacking team with malicious intent, has been active since 2022 and has made significant waves in the cybersecurity world. The group is known for deploying various forms of ransomware, including BlackCat, Quantum Locker, Zeppelin, and their own branded variant of Zeppe | Unspecified | 2 |
The Scattered Spider Threat Actor is associated with Akira. Scattered Spider is a financially motivated threat actor known for its sophisticated techniques and broad range of targets, including all major cloud service providers. This group seeks to maintain persistence on targeted networks, often using phishing to obtain login credentials and gain access. It | Unspecified | 2 |

Description | Association Type | Votes |
---|---|---|
The CVE-2023-20269 Vulnerability is associated with Akira. CVE-2023-20269 is a zero-day vulnerability found in Cisco's Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. This flaw in software design or implementation has been actively exploited by ransomware groups to gain initial access to corporate networks. The exploitation of | Unspecified | 6 |
The vulnerability Bhi is associated with Akira. | Unspecified | 2 |
The vulnerability CVE-2020-3259 is associated with Akira. | Unspecified | 2 |

Source | Created At |
---|---|
Securityaffairs | 3 hours ago |
Securityaffairs | 9 days ago |
Pulsedive | 12 days ago |
InfoSecurity-magazine | 14 days ago |
Securityaffairs | 18 days ago |
InfoSecurity-magazine | 18 days ago |
InfoSecurity-magazine | 2 months ago |
DARKReading | 2 months ago |
Checkpoint | 2 months ago |
BankInfoSecurity | 2 months ago |
InfoSecurity-magazine | 2 months ago |
Unit42 | 2 months ago |
DARKReading | 2 months ago |
BankInfoSecurity | 2 months ago |
Securityaffairs | 3 months ago |
Checkpoint | 3 months ago |
Securityaffairs | 3 months ago |
Securityaffairs | 3 months ago |
CERT-EU | 10 months ago |
CERT-EU | 10 months ago |