Akira v2 Ransomware: Rust’s Versatility Fuels Rising Cybercrime Trends

Earlier this year, hackers behind the Akira ransomware tested a new version of their malicious software called “Akira v2.” Written in Rust.

Rust is a modern and powerful programming language, this version was designed to attack ESXi servers—specialized systems used in virtualized computing.

Security researchers from Check Point (CP) took a deep dive into how Akira v2 works. They found that Rust, known for producing fast and secure software, also makes it harder for cybersecurity experts to figure out what’s going on in the code.

This is because Rust’s design, combined with how it’s compiled, creates complex and confusing programs for researchers trying to understand and stop the malware.

Despite the challenges, researchers were able to piece together how Akira v2 operates. The software has different parts that handle tasks like scanning for files to encrypt and executing the encryption process.

The hackers used pre-written Rust code libraries to build parts of the ransomware, which helped researchers find clues about its structure, according to CP.

One big takeaway of CP is that Rust is becoming a popular tool for cybercriminals. It’s flexible, works on multiple systems, and has many ready-to-use features. While this makes Rust attractive for legitimate software developers, it’s also being used for more harmful purposes.

For cybersecurity experts, Rust adds a new layer of difficulty. Unlike older programming languages, Rust compiles code in a way that mixes functions together, making it tricky to follow the malware’s trail.

Experts are calling for better tools to analyze Rust programs and uncover how they work.Akira v2 shows how hackers are constantly evolving, using new technologies to stay ahead.

While the cybersecurity community is working hard to keep up, this case highlights the need for innovative solutions to deal with modern malware threats.