All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Akira Ransomware Attack: Hypervisor Compromise, VM Creation, and Data Exfiltration via LimeWire

By

ecrime.ch

24d ago· 1 min readenNews

Summary

A threat actor breached a victim environment by accessing a hypervisor and creating a new virtual machine to stage and launch Akira ransomware. The investigation uncovered the use of Easyupload.io via LimeWire, WinRAR, and WinSCP for data staging and likely exfiltration. The attacker rapidly disabled Microsoft Defender on the new VM and made little effort to conceal their activities.

Source

bskyAkira Ransomware Attack: Hypervisor Compromise, VM Creation, and Data Exfiltration via LimeWirehendryadrian.com

Key quotes

· 3 pulled
A threat actor breached a victim environment, accessed a hypervisor, created a new virtual machine, and used it to stage and launch Akira ransomware.
The investigation also found use of Easyupload.io via LimeWire, WinRAR, and WinSCP for staging and likely exfiltration.
Microsoft Defender was quickly disabled on the newly created virtual machine.
Snippet from the RSS feed
A threat actor breached a victim environment, accessed a hypervisor, created a new virtual machine, and used it to stage and launch Akira ransomware. The investigation also found use of Easyupload.io via LimeWire, WinRAR, and WinSCP for sta...

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.