The FBI and the U.S. Cybersecurity and Infrastructure Safety Company are warning in opposition to a harmful ransomware scheme.
In an advisory posted earlier this week, authorities officers warned {that a} ransomware-as-a-service software program referred to as Medusa, which has launched ransomware assaults since 2021, has not too long ago affected a whole lot of individuals. Medusa makes use of phishing campaigns as its major methodology for stealing victims’ credentials, in accordance with CISA.
To guard in opposition to the ransomware, officers really helpful patching working techniques, software program and firmware, along with utilizing multifactor authentication for all companies corresponding to e mail and VPNs. Consultants additionally really helpful utilizing lengthy passwords, and warned in opposition to ceaselessly recurring password modifications as a result of they will weaken safety.
Medusa builders and associates — referred to as “Medusa actors” — use a double extortion mannequin, the place they “encrypt sufferer information and threaten to publicly launch exfiltrated information if a ransom just isn’t paid,” the advisory stated. Medusa operates a data-leak web site that exhibits victims alongside countdowns to the discharge of knowledge.
“Ransom calls for are posted on the positioning, with direct hyperlinks to Medusa affiliated cryptocurrency wallets,” the advisory stated. “At this stage, Medusa concurrently advertises sale of the information to events earlier than the countdown timer ends. Victims can moreover pay $10,000 USD in cryptocurrency so as to add a day to the countdown timer.”
Since February, Medusa builders and associates have hit greater than 300 victims throughout industries, together with the medical, training, authorized, insurance coverage, know-how and manufacturing sectors, CISA stated.
Copyright 2025 Related Press. All rights reserved. This materials will not be revealed, broadcast, rewritten or redistributed.
Subjects
Cyber
Focused on Cyber?
Get computerized alerts for this matter.
