Akira Ransomware Overcome in Hours Using Cloud Computing Strength

Uncategorized Mihnea


### Indonesian Developer Dismantles Akira Ransomware in Just 10 Hours

Akira, one of the most infamous ransomware strains prevalent online, has finally encountered its rival—thanks to an Indonesian developer who utilized cloud computing and tireless resolve.

#### **Decoding Akira’s Encryption**

As highlighted by [TechSpot](https://www.techspot.com/news/107186-developer-breaks-akira-ransomware-encryption-hours-using-cloud.html), Yohanes Nugroho successfully unraveled Akira, a cross-platform ransomware that has been preying on businesses, government entities, and industries since 2023. Cybercriminals have exploited Akira to extort millions, establishing it as a considerable threat within the cybersecurity realm.

While it’s not the first occasion someone has been able to circumvent Akira’s encryption, what sets Nugroho’s feat apart is that he accomplished it independently—and in just over 10 hours.

#### **The Methodology**

Nugroho, an enthusiast programmer, created a decryptor that harnessed the power of GPUs—akin to the technology used in high-end gaming graphics. He found that Akira’s encryption keys are generated based on the exact moment of the attack, down to the nanosecond, resulting in each file’s key being distinct.

To add to the difficulty of decryption, Akira jumbles these keys through 1,500 iterations of hashing before locking them with RSA-4096 encryption. Typically, breaking through this level of security would seem nearly impossible, but GPUs can conduct millions of calculations per second, thereby making brute-force assaults practical.

#### **Utilizing Cloud Computing for the Key Breakthrough**

A significant advancement occurred when a friend supplied Nugroho with log files from an attack, enabling him to estimate the time required to breach the encryption. His own RTX 3060, capable of processing 60 million guesses per second, was inadequate. Even an RTX 3090 didn’t suffice.

To expedite the process, Nugroho turned to cloud computing platforms RunPod and [Vast.ai](http://Vast.ai), renting 16 RTX 4090 GPUs. With this immense computational power, he effectively dismantled Akira’s encryption in just over 10 hours.

#### **Open-Source Resource for Others**

Nugroho has shared his [brute-force tool on GitHub](https://github.com/yohanes/akira-bruteforce), inviting GPU specialists to enhance and optimize it further. His contributions offer a valuable asset for cybersecurity experts and victims of Akira ransomware, providing optimism against one of the most perilous threats on the internet.