Akira
We've curated 31 cybersecurity statistics about Akira to help you understand how this emerging ransomware variant is impacting organizations in 2025, including its tactics, targets, and the evolving defenses against it.
Related Topics
Showing 21-31 of 31 results
Akira had 150 victims (organizations and individuals) in Q3 2025.
Akira demonstrated a rise in activity with 13% more victims (organizations and individuals) in Q3 compared to Q2.
Akira was the second most active threat group in June 2025, with 31 attacks, rising from fourth place in May.
Akira has already listed 15% more victims in the first half of 2025 than it did throughout the entirety of 2024.
Akira showed a 348% rise in the number of organizations named in Q2 2025 compared to the same period last year.
Akira listed approximately 130 organizations to its data-leak site each quarter in 2025.
Akira ransomware was the most prolific variant for Coalition policyholders, accounting for 13% of ransomware claims in 2024.
Akira and RansomHub shared second place of most active threat group in March, with 62 attacks each.
Akira was the third most active ransomware group, with 77 attacks in February 2025.
Akira averaged 19 attacks per month between January 2024 and November 2024. In December, the collective added at least 93 separate victims to their leak site, bringing their 2024 monthly average up to approximately 25. Throughout 2024, approximately 71 percent of Akira’s victims were based in North America, rising to approximately 81 percent in Q4 2024.
The second most active ransomware group in December was Clop with 68 attacks, followed by Akira with 43 attacks and RansomHub with 41 attacks.