Victory against digital extortionists. A security researcher named Yohanes Nugroho just delivered a major blow to the Akira ransomware gang. His newly developed decryptor tool can crack what was supposed to be unbreakable encryption – without victims paying a dime of those six-figure ransoms.
Security researchers strike back: free decryption tool saves victims millions in ransom payments to cybercriminals.
Nugroho created the tool after a friend asked for help. What started as a one-week project stretched to three weeks and cost $1,200 in GPU resources. Worth every penny. The decryptor exploits a critical weakness in Akira’s encryption method – its reliance on timestamp-based key generation.
Here’s the genius part: Akira uses four different timestamp seeds with nanosecond precision for generating encryption keys. Sounds secure, right? Wrong. By analyzing log files and creating benchmarks on different hardware, Nugroho narrowed down the possible timestamps enough to make brute-forcing feasible.
The process isn’t exactly a walk in the park. Initial attempts with an RTX 3060 were painfully slow – just 60 million encryption tests per second. Not nearly enough. Upgrading to an RTX 3090 barely moved the needle.
So Nugroho went nuclear, deploying sixteen RTX 4090 GPUs through cloud services. Ten hours later, bingo. Keys cracked.
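Why a timestamp-seeded key becomes recoverable once logs bound the encryption time, shown as an added Python example that is not Nugroho's tool or Akira's code. The single-seed SHA-256 key derivation, the SHA-256 counter-mode stand-in for the stream cipher, the sample file and every function name are assumptions made for illustration.

```python
import hashlib

def derive_key(ts_ns: int) -> bytes:
    # Toy key derivation (assumption): the key depends only on a nanosecond timestamp.
    return hashlib.sha256(ts_ns.to_bytes(8, "little")).digest()

def stream_xor(key: bytes, data: bytes) -> bytes:
    # Stand-in stream cipher: SHA-256 in counter mode. XOR makes it its own inverse.
    ks = bytearray()
    for ctr in range((len(data) + 31) // 32):
        ks += hashlib.sha256(key + ctr.to_bytes(8, "little")).digest()
    return bytes(d ^ k for d, k in zip(data, ks))

def recover_seed(ciphertext: bytes, known_prefix: bytes, start_ns: int, end_ns: int):
    # Try every timestamp in [start_ns, end_ns). A candidate is accepted when the
    # decrypted header matches the bytes this file type is known to start with.
    head = ciphertext[:len(known_prefix)]
    for ts in range(start_ns, end_ns):
        if stream_xor(derive_key(ts), head) == known_prefix:
            return ts
    return None

def worst_case_seconds(window_ns: int, tests_per_second: float) -> float:
    # One candidate per nanosecond in the window, for a single seed.
    return window_ns / tests_per_second

if __name__ == "__main__":
    # Constructed sample: a fake PDF "encrypted" at a made-up timestamp.
    true_ts = 1_700_000_000_000_123_456
    plaintext = b"%PDF-1.7\nconstructed sample document\n"
    ciphertext = stream_xor(derive_key(true_ts), plaintext)
    # Suppose log timestamps bound the encryption time to a 40-microsecond window.
    start, end = true_ts - 20_000, true_ts + 20_000
    seed = recover_seed(ciphertext, b"%PDF-1.7", start, end)
    print("recovered seed:", seed)
    print(stream_xor(derive_key(seed), ciphertext))
    # A full one-second window at the 60 million tests/s quoted above:
    print(worst_case_seconds(1_000_000_000, 60e6), "seconds for one seed")
```

The cost grows with the width of the window and with every additional seed that has to be guessed, which is why narrowing the timestamps from logs and benchmarks matters before any GPU time is spent.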
This decryptor targets the Linux variant of Akira ransomware, which emerged in March 2023 and is believed to be run by former Conti operators. The ransomware typically demands between $200,000 and $4 million in Bitcoin. That’s serious money saved for victims.
Nugroho released his tool on GitHub with detailed instructions. Users should back up encrypted files first – there are no guarantees against file corruption if something goes wrong. The tool specifically counters Akira’s use of the ChaCha20 stream cipher, which was identified as its primary encryption method.
The implications are huge. Akira will certainly patch this vulnerability, but the success demonstrates that even sophisticated ransomware has weaknesses. It’s also a powerful reminder of GPU computing’s growing role in cybersecurity. This breakthrough is particularly significant considering that cyber attacks increased by 600% during the pandemic, making tools like this increasingly vital.
Sometimes you just need enough processing muscle to punch through encryption. Organizations can minimize risk by implementing the 3-2-1 backup rule as a defensive strategy against ransomware attacks like those perpetrated by Akira. Game on, ransomware gangs.