Akira Ransomware Extorts Italian Company Divimast

• Akira ransomware group was found trying to extort an Italian management solutions company.
• The cybercriminals threatened to release 8GB of stolen data if their demands were not met. 
• Hackers allegedly exfiltrated HR documents, passports, and financial information from Divimast, the targeted company.

The Akira ransomware group posted a ransom threat they made to an Italian company. Divimast, a management solutions company, is being extorted by the cybercriminal group.  

Akira announced about the Divimast ransomware attack on January 17 with a small introduction about the company. They stole nearly 8GB of data from Divimast, according to their leak site announcement. 

Private corporate documents including confidential agreements, internal finances, and human resources were allegedly exfiltrated by Akira members. 

They also listed Personal Identifiable Information (PII) of employees including contact numbers, email addresses and passport details being in their possession. Moreover, customer data of Divimast is also at stake of being released publicly. 

The group threatened to release the stolen data from Divimast amounting to 8GB on the dark web understandably if their ransom demands were not met. 

Akira which was recently discovered in 2023 operates as a Ransomware-as-a-Service. The group has aggressively named and shamed high-profile corporate organisations with ‘valuable business assets,’ as noted in a report by Halcyon. 

As observed in the alleged Divimast cyber attack, Akira is known to exfiltrate financial documents, intellectual property and sensitive personal information. The kind of information that would pressure a company to make ransom payments. 

The report also noted that the ransomware group often targets pro-US nations including the United Kingdom, Canada, Australia and South Korea.