The notorious Akira ransomware group has claimed two more victims, adding them to its list of Akira ransomware attacks. The claims were posted on a dark web forum where the threat actor boldly claimed the attack.
However, upon inspection of both victim websites, it was evident that the ransomware attack had not impacted the front end, as both sites remained accessible at the time of writing.
On December 6, 2023, Compass Group Italia, an Italian-based company offering a diverse range of services to various sectors, allegedly fell prey to the Akira ransomware attack. The hackers infiltrated the company’s digital fortress, obtaining a staggering 107GB of sensitive data. This trove includes financial records, HR files, legal documents, and personal information, putting the company’s integrity at stake.
Simultaneously, Aqualectra Utility, the government-owned utility provider in Curacao, witnessed a breach of its digital infrastructure. With data soon to be available for download, the Akira ransomware attack on Aqualectra Utility compromised operational files, business documents, and a plethora of payment records. The breach threatens the security and privacy of over 80,000 households and companies relying on Aqualectra’s water and electricity services.
The Cyber Express, in pursuit of the truth, reached out to both Compass Group Italia and Aqualectra Utility for insights into the Akira ransomware attack. However, as of now, no official statements or responses have been received from the affected companies, leaving the claims of the attack unverified.
Akira ransomware is gaining notoriety as one of the fastest-growing threats in the online world. Employing double extortion tactics and utilizing a ransomware-as-a-service (RaaS) distribution model, Akira is swiftly becoming a formidable force in the realm of cyber threats. The group’s unique payment options contribute to its rapid rise in the world of cybercrime.
A recent report analyzing blockchain and source code data indicates that the Akira ransomware group may be affiliated with the now-defunct Conti ransomware gang. Conti, known for its notorious exploits, is believed to be a descendant of the infamous Ryuk ransomware, emphasizing the evolving nature of ransomware tactics.
Akira ransomware, emerging in March 2023, has primarily targeted companies based in the US and Canada. Its Tor leak site boasts a distinctive retro appearance reminiscent of “1980s green-screen consoles.” According to a report from Sophos, navigation of the site requires specific commands, adding a layer of uniqueness to Akira’s approach.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
Microsoft confirms active exploitation of CVE-2026-41091 and CVE-2026-45498 in Defender, raising CVSS-based risks and urgent KEV listing concerns.
The French and Dutch law enforcement seized a large-scale virtual private network (VPN) service catering to cybercriminals, offering services to…
Cisco addressed CVE-2026-20223, a CVSS 10.0 Secure Workload REST API vulnerability linked to CWE-306 authentication failures.
The latest findings add to growing concerns around operational resilience within the global financial industry.
Researchers uncovered a self-healing INJ3CTOR3 campaign using JOMANGY and ZenharR malware toolkit to compromise FreePBX systems.
The technology is expected to benefit sectors where device trust, network security, and hardware protection are considered critical operational requirements.
This website uses cookies. By continuing to use this website you are giving consent to cookies being used.
Read More