Storm-1567  (Back to overview)

aka: Akira

Storm-1567 is the threat actor behind the Ransomware-as-a-Service Akira. They attacked Swedish organizations in March 2023. This ransomware utilizes the ChaCha encryption algorithm, PowerShell, and Windows Management Instrumentation (WMI). Microsoft's Defender for Endpoint successfully blocked a large-scale hacking campaign carried out by Storm-1567, highlighting the effectiveness of their security solution.

Associated Families

There are currently no families associated with this actor.

2023-12-20Sophos X-OpsMark Loman, Matt Wixey
CryptoGuard: An asymmetric approach to the ransomware battle
Akira LockBit Storm-1567
2023-12-13Kaspersky LabsGReAT
FakeSG campaign, Akira ransomware and AMOS macOS stealer
AMOS Akira Storm-1567
2023-11-29TrellixAlexandre Mundo, Max Kersten
Akira Ransomware
Akira Akira Storm-1567
2023-09-14SekoiaLivia Tibirna mid-2023 Ransomware Threat Landscape
8Base Akira Cactus Storm-1567
2023-08-10Avast DecodedThreat Research Team
Unveiling the Dominance of Scams Amidst a 24% Surge in Blocked Attacks

Credits: MISP Project