Akira ransomware can be cracked with 16 RTX 4090 GPUs in around ten hours — new counterattack breaks encryption

Another hole has been blown through the hull of the dreaded Akira ransomware: blogger Tinyhack has discovered a new exploit to brute-force the ransomware's encryption — and has reportedly already used it to restore the data of an attacked company.

Akira is a well-known ransomware strain, used by hackers in November to demand a $125k ransom in baguettes from a French company. Affected companies may now be able to escape it thanks to a GPU-based brute-force counterattack. With an RTX 4090, Tinyhack found they could crack the ransomware-encrypted files in seven days, and with 16 GPUs, the process would take just over ten hours.

Sunny Grimm
Contributing Writer

Sunny Grimm is a contributing writer for Tom's Hardware. He has been building and breaking computers since 2017, serving as the resident youngster at Tom's. From APUs to RGB, Sunny has a handle on all the latest tech news.

  • Heat_Fan89
    Welcome to the Digital World from hell. Can't wait for all the shenanigans when Banks make the switch to digital currencies. That ought to be fun.
  • FunSurfer
    So now ransomware attackers can make more money by running a renting service of servers for ransomware decryption...
    Why can't the OS detect the chacha8 and Kcipher2 encryption methods running in real time? It's about time to put the AI Copilot to good use...
  • A Stoner
    I have a question about cracking encryption... If you already know what is inside the file, shouldn't that make it much easier to crack encryption? Say you know that there is an exact file this large that looks exactly like this, should that not inform the encryption cracking?
  • DingusDog
    A Stoner said:
    I have a question about cracking encryption... If you already know what is inside the file, shouldn't that make it much easier to crack encryption? Say you know that there is an exact file this large that looks exactly like this, should that not inform the encryption cracking?
    That's not how it works, that's not how any of this works. But at least username checks out.
  • NightKnight1337
    A Stoner said:
    I have a question about cracking encryption... If you already know what is inside the file, shouldn't that make it much easier to crack encryption? Say you know that there is an exact file this large that looks exactly like this, should that not inform the encryption cracking?
    Does knowing what's inside a house make it easier for you to go through the door?
    It's all about the lock
  • USAFRet
    If you're at the point of having to use a 4090 to (attempt to) decrypt your data, you've already lost the battle.
  • edzieba
    Heat_Fan89 said:
    Can't wait for all the shenanigans when Banks make the switch to digital currencies. That ought to be fun.
    Currencies have been digital for over half a century when SWIFT replaced TELEXed transfer orders. Did you think COBOL was just invented for fun?
    Currencies have been digital for a long, long time, and they were ephemeral long before even that (when currencies ceased to be asset-backed and transitioned to economy-backed AKA 'fiat'), and large fund transfers (e.g. wire transfers) were so even before that.
    Use of a distributed ledger rather than a centralised ledger isn't even a major distinction, as there are plenty of distributed ledger systems already in active use for inter-bank payments (e.g. Spunta Banka DLT).
  • A Stoner
    DingusDog said:
    That's not how it works, that's not how any of this works. But at least username checks out.
    It was how people were able to hack into encrypted PDFs in the past as I recall. If they could provide accurate information to the cracker as to what was inside, "exact quotes" from it, it gave them the ability to crack it faster, since they had something to compare the data to to validate keys.
  • stronk2211
    Author is missing 6 zeros from his nanoseconds. A nanosecond is 0.000000001 seconds.
  • Silicon Mage
    If you store your data in the Cloud using something like Dropbox it maintains a Version history and you can get your stuff back without any problems at all.

    So if you get ransomwared all you have to do is reinstall your OS.