Akira Ransomware Exploits Year-Old SonicWall Flaw in Growing Attack Wave

Akira ransomware exploits SonicWall vulnerability, impacting 250 organizations and collecting $42M in ransoms. Learn about the ongoing threats.

By Content Team

Sep 12, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Cybercriminals are ramping up Akira ransomware attacks by exploiting a year-old vulnerability in SonicWall firewalls. About 40 attacks hit between mid-July and early August, with another wave following soon after. The attacks target CVE-2024-40766, which affects SSL VPN protocols in multiple SonicWall firewall versions.

Rapid7 reports handling multiple incidents weekly, while Australia's Cyber Security Centre warns of attacks on local organizations. Most victims had patched their systems but failed to reset default passwords during firewall migrations from Gen 6 to Gen 7 devices.

Akira ransomware has already impacted over 250 organizations, collecting $42 million in ransom payments. SonicWall has appeared 14 times on CISA's exploited vulnerabilities list since 2021.

Source: CyberScoop

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Critical Zero-Click Flaw in AVideo Platform Enables Complete Server Takeover

Mar 11, 2026

Microsoft Releases Emergency Patch for Critical .NET Vulnerability

Mar 11, 2026

Interlock Ransomware Exploited Cisco Zero-Day for Weeks Before Patch

Mar 21, 2026

Google's Vertex AI Default Settings Allow Privilege Escalation Attacks

Jan 18, 2026