How a Researcher Cracked Akira Ransomware Using GPU Brute Force

By /

Listen to this Post

Researchers have successfully cracked the Akira ransomware using GPU brute force techniques, showcasing the power of parallel computing in cybersecurity. The attack leveraged 16 RTX 4090 GPUs to accelerate the decryption process, demonstrating how modern hardware can be used to combat ransomware.

Read the full article here

You Should Know: GPU-Accelerated Ransomware Cracking Techniques

1. Understanding Brute Force with GPUs

GPUs (Graphics Processing Units) excel at parallel processing, making them ideal for brute-force attacks. Unlike CPUs, which handle tasks sequentially, GPUs can perform thousands of operations simultaneously.

Key Commands & Tools for GPU Brute Force:

  • Hashcat – The leading GPU-based password recovery tool. 
    hashcat -m 1000 -a 3 hashes.txt ?a?a?a?a?a?a --force -O -w 4

    – `-m 1000` = NTLM hash mode
    – `-a 3` = Brute-force attack mode
    – `?a?a?a?a` = Mask for alphanumeric combinations

  • John the Ripper (with CUDA/OpenCL support) 

    john --format=raw-md5 --device=1,2 hashes.txt

2. Setting Up a GPU Cracking Rig

To replicate the researcher’s approach, you need:

  • Multiple High-End GPUs (e.g., NVIDIA RTX 4090)
  • CUDA/OpenCL Drivers 
    sudo apt install nvidia-cuda-toolkit
  • Optimized Wordlists & Rules 
    git clone https://github.com/berzerk0/Probable-Wordlists.git

3. Decrypting Ransomware-Encrypted Files

If you obtain the encryption key, use:

  • OpenSSL for AES Decryption 
    openssl enc -d -aes-256-cbc -in encrypted.file -out decrypted.file -k "recovered_key"

4. Defending Against GPU Brute Force

  • Use Stronger Key Derivation Functions (Argon2, PBKDF2)
  • Enable Multi-Factor Authentication (MFA)
  • Monitor for Unusual GPU Compute Activity 
    nvidia-smi -l 1  Monitor GPU usage in real-time

What Undercode Say

GPU-accelerated brute forcing is a double-edged sword—while it helps ethical hackers crack ransomware, it also empowers attackers. Organizations must adopt stronger encryption standards and monitor computational resources to detect unauthorized cracking attempts.

Expected Output:

  • Successful decryption of ransomware-encrypted files using recovered keys.
  • Detection of brute-force attempts via GPU monitoring.
  • Improved defensive strategies against future ransomware attacks.

Reference: Akira Ransomware Analysis

References:

Reported By: Sam Bent – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

Join Our Cyber World:

💬 Whatsapp | 💬 TelegramFeatured Image

Related Posts: