The Akira ransomware gang was spotted using an unsecured webcam to launch encryption attacks on a victim’s network, effectively circumventing Endpoint Detection and Response (EDR), which was blocking the encryptor in Windows.

Cybersecurity firm S-RM team discovered the unusual attack method during a recent incident response at one of their clients.

Notably, Akira only pivoted to the webcam after attempting to deploy encryptors on Windows, which were blocked by the victim’s EDR solution.