Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Avast Releases Akira Decryptor

July 3, 2023
Reading Time: 2 mins read
in Alerts
Avast Releases Akira Decryptor

 

Cybersecurity firm Avast has released a free decryptor for the Akira ransomware, enabling victims to recover their data without paying a ransom. Akira gained notoriety for targeting organizations across various sectors since its emergence in March 2023.

In June 2023, the operators expanded their attacks to include Linux systems, particularly VMware ESXi virtual machines, increasing the reach of their encryption attacks.

Avast’s analysis revealed that Akira employs a symmetric key generated by CryptGenRandom, encrypted by an RSA-4096 public key, and appended to the encrypted file, making decryption impossible without the private RSA key held by the threat actors.

Avast’s successful decryption efforts are attributed to their analysis of Akira’s encryption method, which involves partial file encryption.

For efficient processing, Akira on Windows encrypts files partially based on their size, encrypting only the first half of files smaller than 2,000,000 bytes and employing pre-calculated block sizes for larger files.

The Linux version of Akira allows operators to specify the percentage of files to encrypt. While the release of the decryptor offers relief to victims, it is expected that the Akira ransomware operators will study the decryptor to identify flaws in their encryption and address them to prevent future decryption attempts.

Avast has provided two versions of the decryptor for different Windows architectures, recommending the 64-bit version due to its higher system memory requirements.

To generate the correct decryption key, users must provide a pair of files—one encrypted by Akira and the other in its original plain-text form. Avast advises selecting large files as the original file’s size sets the upper limit for decryption. Additionally, the decryptor offers a backup option to safeguard encrypted files, reducing the risk of irreparable data corruption.

Although Avast is working on a Linux decryptor, users can currently utilize the Windows version to decrypt files encrypted in Linux by Akira.

Reference:
  • Decrypted: Akira Ransomware
Tags: Akira ransomwareAvastCryptGenRandomCyber AlertCyber Alerts 2023DecryptorJuly 2023LinuxRansomwareSoftwareWindows
ADVERTISEMENT

Related Posts

GhostSpy Android Malware Full Device Control

FBI Warns Luna Moth Targets US Law Firms

May 27, 2025
GhostSpy Android Malware Full Device Control

Winos 4.0 Malware Spread Via Fake Installers

May 27, 2025
GhostSpy Android Malware Full Device Control

GhostSpy Android Malware Full Device Control

May 27, 2025
D-Link Routers Exposed by Weak Credentials

D-Link Routers Exposed by Weak Credentials

May 26, 2025
D-Link Routers Exposed by Weak Credentials

TA-ShadowCricke Unmasked via Backdoors

May 26, 2025
D-Link Routers Exposed by Weak Credentials

Killnet Resurfaces with New Identity

May 26, 2025

Latest Alerts

FBI Warns Luna Moth Targets US Law Firms

Winos 4.0 Malware Spread Via Fake Installers

GhostSpy Android Malware Full Device Control

D-Link Routers Exposed by Weak Credentials

TA-ShadowCricke Unmasked via Backdoors

Killnet Resurfaces with New Identity

Subscribe to our newsletter

    Latest Incidents

    Everest Ransomware Leaks Coke Staff Data

    Adidas Data Breach Exposes Customer Contacts

    Semiconductor Firm AXT Hit by Data Breach

    Hackers Steal $700K from Philly School District Accounts

    Chinese hackers hit US utilities via flaw

    Naukri Fixes Bug That Exposed Recruiter Email Addresses

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial