APT / THREAT GROUP
Ako
2
aliases
Intelligence Profile
Once installed, Ako will attempt to delete Volume Shadow Copies and disable recovery services. It will then begin to encrypt all files that do not match a hard-coded list using an unknown algorithm. Whilst this is happening, Ako will scan the affected network for any connected devices or drives for it to propagate to.
Threat Analysis
Ako is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
Intelligence Reports Mentioning Ako
A Security Raises $37 Million for Autonomous Offensive Security Platform
SecurityWeek· Jun 8, 2026
Your MTTD Looks Great. Your Post-Alert Gap Doesn't
The Hacker News· Apr 13, 2026
As breakout time accelerates, prevention-first cybersecurity takes center stage
ESET Research· Apr 7, 2026
North Dakota water treatment plant reports March ransomware attack
The Record· Apr 1, 2026
External References
Quick Facts
TypeAPT / Threat Group
Aliases2
Also Known As
AkoMedusaReborn
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.