The Akira ransomware has been a major threat to businesses, encrypting their files and demanding a ransom for their release. However, security researchers at Avast have developed a free decryption tool that can unlock files encrypted by the Akira ransomware since its emergence in March 2023.
The ransomware has targeted various organizations, including universities, financial institutions, and even a daycare center. It renames files with the extension “.akira” and encrypts their contents, leaving a ransom note in each folder.
Avast’s decryption tool requires a sample Akira-encrypted file and an unencrypted copy of the same file. It then cracks the ransomware’s password, allowing users to recover their data. The tool recommends using large files and the 64-bit version for optimal performance.
Currently, the tool only works on Windows, but Avast is working on a version for Linux. However, the Windows version can still unlock files encrypted by both the Windows and Linux versions of the Akira ransomware.
While the decryption tool is valuable, it is crucial to prevent ransomware attacks in the first place. Organizations should follow security measures such as secure offsite backups, up-to-date security solutions, network segmentation, strong passwords, encryption of sensitive data, disabling unnecessary functionality, and employee education about cyber threats.
It is important to note that even after recovering data, organizations must address the fact that the cybercriminals behind the ransomware attack have also stolen their data. This poses further risks, as the stolen data may be sold on the dark web or published on leak sites.