Akira Hackers Deny Involvement in Attack on South African Bank
A group of extortionists known as Akira hackers have denied any involvement in the recent attack on the Development Bank of Southern Africa (DBSA), which occurred on May 21. The attack saw the bank’s servers infected with the Akira-Mother program, which encrypted files and demanded a ransom of $29 million.
According to Akira hackers, the bank’s systems were actually infected by another “unknown attacker” who used the Akira program without permission. The group has invited the bank to work with them in restoring systems and data, and has promised that any stolen data will not be made public.
Akira is a relatively new group, having been active since at least March of this year. The group has been identified as responsible for infecting targeted computers through phishing letters, malicious advertising, and software vulnerabilities. Once a computer is infected, the Akira program encrypts the files and adds a “.Akira” extension, demanding a ransom from the user.
The group is known for its individual approach to determining the amount of ransom demanded, taking into account the size and profitability of the company. Akira has even been known to offer discounts in certain circumstances. Their website has a retro-style design, and navigation is carried out in the manner of old DOS systems by entering commands. The site provides a list of their victims, as well as the latest information about the group.
Although Akira has been linked to a number of ransomware attacks, including the recent attack on the Colonial Pipeline, the group denies any involvement in the attack on the DBSA. The bank has yet to release any statements regarding the incident.
Source: https://twitter.com/alvierid/status/1671945953912168448