BushidoUK RVM Profile: Akira

Threat-actor 18 Jun 2026 2 min lectura akira

Fecha

18 Jun 2026

Actor

akira

Tipo

Threat-actor

Pais

United Kingdom

Sector

Confianza

high

Prioridad analitica

Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

8IOCs

0TTPs

akiraActor

United KingdomPais

Executive Summary

Perfil del grupo ransomware segun BushidoUK Ransomware Vulnerability Matrix. Incluye vulnerabilidades conocidas, herramientas y TTPs asociadas.

Key Points

Source: BushidoUK RVM GroupProfiles
BushidoUK RVM Repository

Group Profile: Akira

Perfil del grupo ransomware segun BushidoUK Ransomware Vulnerability Matrix. Incluye vulnerabilidades conocidas, herramientas y TTPs asociadas.

Akira's Exploited Vulnerabilities

> [!NOTE]

> This is the list of vulnerabilities that have been observed during intrusions that lead to Akira ransomware deployment or data exfiltration and leaks published to Akira's Tor Site

`Cisco`

|---|---|---|---|

`Fortinet`

|---|---|---|---|

`SonicWall`

|---|---|---|---|

`Veeam`

|---|---|---|---|

`VMware`

|---|---|---|---|

---

#### Sources

| Date Published | Report |

|---|---|

| 10 Oct 2024 | https://infosec.exchange/@SophosXOps/113284564225476186 |

| 2 Oct 2024 | https://blog.qualys.com/vulnerabilities-threat-research/2024/10/02/threat-brief-understanding-akira-ransomware |

| 6 Sept 2024 | https://arcticwolf.com/resources/blog/arctic-wolf-observes-akira-ransomware-campaign-targeting-sonicwall-sslvpn-accounts/ |

| 29 July 2024 | https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/

| 18 April 2024 | https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-109a |

| 21 Dec 2023 | https://news.sophos.com/en-us/2023/12/21/akira-again-the-ransomware-that-keeps-on-taking/ |

| 6 Sept 2023 | https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC#fs |

| 23 Aug 2023 | https://stairwell.com/resources/akira-pulling-on-the-chains-of-ransomware/ |

Referencias

Diamond Model

Adversary

akira

Ver perfil →

Victim

BushidoUK RVM Profile: Akira

United Kingdom

Capability

Threat-actor

Infrastructure

infosec.exchange

blog.qualys.com

arcticwolf.com

www.microsoft.com

Indicadores de Compromiso (IOCs)

Tipo	Valor	Contexto	OSINT
Domain	infosec.exchange	Extraido del contenido	VT OffSec SOCRadar
Domain	blog.qualys.com	Extraido del contenido	VT OffSec SOCRadar
Domain	arcticwolf.com	Extraido del contenido	VT OffSec SOCRadar
Domain	www.microsoft.com	Extraido del contenido	VT OffSec SOCRadar
Domain	www.cisa.gov	Extraido del contenido	VT OffSec SOCRadar
Domain	news.sophos.com	Extraido del contenido	VT OffSec SOCRadar
Domain	sec.cloudapps.cisco.com	Extraido del contenido	VT OffSec SOCRadar
Domain	stairwell.com	Extraido del contenido	VT OffSec SOCRadar

← Volver al panel de inteligencia

Incidentes recientes

BushidoUK RVM Profile: Akira

Key Points

Group Profile: Akira

Akira's Exploited Vulnerabilities

`Cisco`

`Fortinet`

`SonicWall`

`Veeam`

`VMware`

Referencias

Diamond Model

Relations

Indicadores de Compromiso (IOCs)

Referencias y enlaces

Incidentes recientes