MY Server got encrypted with some ransomware known to be Akira (.akira)

Home Forums BulletProof Security Free MY Server got encrypted with some ransomware known to be Akira (.akira)

Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • September 29, 2025 at 5:54 am #45326
    Dr Aspain
    Participant

    Hello, I am sorry to post this here. I am trying to post on public forums for help. I am doctor by profession and recently my server got infected by a virus known as Akira ransomware. All files are ending with .akira extension. I am unable to access anything and seemed to be corrupted. The data is really important for me as it contains important research papers and my patient’s history.
    Note: I have already tested public decryptors like Avast Akira Decryptor. It did not work

    September 29, 2025 at 10:19 am #45327
    AITpro Admin
    Keymaster

    Do you have a Windows or Linux server? Is the server inhouse or offsite?

    September 29, 2025 at 10:24 am #45328
    AITpro Admin
    Keymaster

    My first thought was to boot into Linux from a Linux boot disk (Hiren’s BootCD PE).  This is the method that these guys (DIRT) used on a VMware ESXi server > https://medium.com/@DCSO_CyTec/unransomware-from-zero-to-full-recovery-in-a-blink-8a47dd031df3

    September 29, 2025 at 11:04 am #45329
    AITpro Admin
    Keymaster

    Just checked your IP address and it has a high threat level. That could mean that you are a bad actor or your computer/network is compromised and your IP address is seen as an attack vector IP.

    ThreatLevel: “high”: An IP address with a “high” threat level is an immediate and serious security risk. This is not a vague or minor threat but one that requires urgent attention and protective measures.

    September 29, 2025 at 11:08 am #45330
    Dr Aspain
    Participant

    My server is windows

    September 29, 2025 at 11:16 am #45331
    Dr Aspain
    Participant

    What to do for this?

    September 29, 2025 at 11:23 am #45332
    AITpro Admin
    Keymaster

    Try these guys > https://www.ransomwarehelp.com/. They are BBB accredited, have good reviews and claim that if they cannot recover your data you pay nothing. Important Note: Ransomware Help has zero reviews on Trustpilot.

    September 29, 2025 at 11:30 am #45333
    AITpro Admin
    Keymaster

    Trying to figure out which variant of Akira your server is infected with and then figuring out the encryption method would be very difficult unless you are very familiar with ransomware decryption. So yeah definitely go with a Pro.

    September 29, 2025 at 11:49 am #45334
    Dr Aspain
    Participant

    They are very expensive + don’t seem legit to me.

    September 29, 2025 at 12:05 pm #45335
    AITpro Admin
    Keymaster

    Hmm they appear to be legit to me. In any case, I’m not a computer/network server ransomware specialist. My area of expertise is website security, which includes web servers and websites. Do google searches for “Akira ransomware recovery” and be sure to check BBB and reviews for any possible companies that you find.

    September 29, 2025 at 12:16 pm #45336
    AITpro Admin
    Keymaster

    Proven Data looks good > https://www.provendata.com/. They have excellent Trustpilot reviews. They have an F rating on BBB, but I looked at one of the complaints and it is ridiculous or spam. They have been in business for 16 years and only have 2 complaints on BBB. That is exceptional.

  • Author
    Posts
Viewing 11 posts - 1 through 11 (of 11 total)
  • You must be logged in to reply to this topic.