Home Malware Programs Ransomware Akira Ransomware

Akira Ransomware

Posted: September 1, 2017

Threat Metric

Threat Level: 10/10
Infected PCs: 33
First Seen: September 1, 2017
Last Seen: July 3, 2021
OS(es) Affected: Windows

The Akira Ransomware is a Trojan that locks media files on your computer such as videos. While its development is unfinished, the Trojan has a working encryption feature and may cause permanent damage to the saved data of an infected PC. Allow your anti-malware programs to delete the Akira Ransomware proactively or remove it as soon as possible afterward, and keep backups on another device for easy restoration.

A Trojan with a Narrow Plan of Attack

Caught in what seems to be the middle of its development process, the Akira Ransomware is a threat that can lock files according to their formats and locations with its encoding feature. The broadly applicable and flexible nature of such an attack, as well as the ease of updating it, makes the Akira Ransomware into a potential security risk for any files on an infected PC or local, unprotected networks. Despite its sophisticated encoding setup, the Akira Ransomware isn't a member of a family previously known to malware experts, such as Hidden Tear or the Globe Ransomware.

The Akira Ransomware's current parameters specify encrypting only the contents of the user's Video folders, which appears to be for testing purposes with later expansion intended. Similar threats often also attack content stored in other profiles related to Windows user profiles, such as Downloads, as well as the desktop. The Akira Ransomware also filters out files according to format (such as GIF pictures and TXT documents). Media that does match every prerequisite is encoded with a cipher to prevent their opening, and malware experts can't yet determine whether this encryption is breakable by third parties.

The Akira Ransomware also includes the traditional extension-appending function that most file-encrypting Trojans deliver, by adding '.akira' to the end of each file's name. However, it doesn't generate a ransom-themed pop-up and doesn't drop a text message containing any instructions on how to unlock your content.

Safe Video Storage Versus Trojan-Enabled Robbery

Almost all file-encoding Trojans include some form of extortionist demands in their payloads eventually, with the encrypted media serving as collateral to pressure the victims into paying with crypto currencies or vouchers. Only a few seconds of changes to its code could let the Akira Ransomware attack files other than those specified previously, and the uncertainty of its encryption algorithm of choice may mean that decryption is never available for free. As preventative maintenance, victims can keep their movies and other content safe by copying them to backups outside of the Akira Ransomware's purview, such as a cloud server, a DVD or a USB drive.

Malware researchers often find Trojans of similar design to the Akira Ransomware circulating in email attachments that threat actors craft to be of particular interest to their targets. Other exploits also of note include brute-forcing passwords, abusing RDP features, and, in lesser cases, bundling the Trojan's installer with other downloads. Fortunately, almost all anti-malware programs should delete the Akira Ransomware straightforwardly; in current samples, this Trojan lacks any defenses against being uninstalled and makes no effort to obfuscate its payload.

The Akira Ransomware may just be a case of a programmer testing encryption features without planning to put those attacks into action against the general public. However, even if the Akira Ransomware fails to define itself as competition in an industry basing itself on damaging files for extortion, it has limitless counterparts who will take its place.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Akira Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner*

* See Free Trial offer below. EULA and Privacy/Cookie Policy.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.