5월 16, 2023
SentinelOne Demo: SentinelOne VS Akira Ransomware – Detection and Mitigation
In this video demo, we showcase how SentinelOne's XDR technology detects and responds to Akira ransomware. Akira ransomware operations were initiated in March 2023. The actors behind it practice multi-extortion. They host a TOR-based (.onion) website where they list victims along with any stolen data (should a victim fail to comply with attacker demands). Akira attackers do not discriminate when it comes to victimology. As of this writing, they have targeted educational institutions as well as those in the financial, manufacturing, real estate and medical industries.
Upon launch, the ransomware payloads Akira will initiate PowerShell commands to remove VSS (Volume Shadow Copies). The ransomware appends the .akira extension to all files affected by the encryption. In the event that a file is locked by the Windows operating system, the ransomware will attempt to utilize the WRM (Windows Restart Manager) API to address said issues.
Victims are instructed to contact the attacker via their TOR-based portal (.onion), where they enter their unique identifier (from the ransom notes) to begin negotiations. The group is known to demand outrageous ransom payments, reaching hundreds of millions of dollars.
Experience the power of SentinelOne's XDR solution and witness first-hand its effectiveness in combating Akira ransomware. Subscribe to our channels for more in-depth analysis and real-life examples from the forefront of cybersecurity.
관련 리소스
데이터시트
Singularity™ Complete AI 지원 엔드포인트와 클라우드 보안
점점 더 복잡해지는 보안 아키텍처와 데이터 소스, 제한된 리소스, 더욱 정교해지는 공격에 직면한 보안 팀은 AI 지원 공격 세례에 대비하느라…
지금 읽기
Resource
SentinelOne PartnerOne - America's 2025
⛳️ Last week in Pebble Beach the America's best cybersecurity partners came together for our annual PartnerOne summit. Check out…
View Asset