Cybersecurity officials warn against potentially costly Medusa ransomware attacks


Article content

LOS ANGELES (AP) — The FBI and the U.S. Cybersecurity and Infrastructure Security Agency are warning against a dangerous ransomware scheme.

Article content

In an advisory posted earlier this week, government officials warned that a ransomware-as-a-service software called Medusa, which has launched ransomware attacks since 2021, has recently affected hundreds of people. Medusa uses phishing campaigns as its main method for stealing victims’ credentials, according to CISA.

Article content

To protect against the ransomware, officials recommended patching operating systems, software and firmware, in addition to using multifactor authentication for all services such as email and VPNs. Experts also recommended using long passwords, and warned against frequently recurring password changes because they can weaken security.

Medusa developers and affiliates — called “Medusa actors” _ use a double extortion model, where they “encrypt victim data and threaten to publicly release exfiltrated data if a ransom is not paid,” the advisory said. Medusa operates a data-leak site that shows victims alongside countdowns to the release of information.

“Ransom demands are posted on the site, with direct hyperlinks to Medusa affiliated cryptocurrency wallets,” the advisory said. “At this stage, Medusa concurrently advertises sale of the data to interested parties before the countdown timer ends. Victims can additionally pay $10,000 USD in cryptocurrency to add a day to the countdown timer.”

Since February, Medusa developers and affiliates have hit more than 300 victims across industries, including the medical, education, legal, insurance, technology and manufacturing sectors, CISA said.

Share this article in your social network



Source link

  • Related Posts

    Chase, Higgins reach extensions with Bengals. Chase will be NFL’s highest-paid non-QB, AP source says

    The Cincinnati Bengals have agreed to four-year extensions with receivers Ja’Marr Chase and Tee Higgins, assuring that Joe Burrow will have his top two targets with him for some time.…

    Bitget Features in UCLA Professor Alex Nascimento’s Book on Blockchain and STOs

    This section is Partnership Content supplied The content in this section is supplied by GlobeNewswire for the purposes of distributing press releases on behalf of its clients. Postmedia has not…

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You Missed

    European tech industry coalition calls for ‘radical action’ on digital sovereignty — starting with buying local

    European tech industry coalition calls for ‘radical action’ on digital sovereignty — starting with buying local

    More pain for Atleti as Barça strike pivotal LaLiga title blow

    More pain for Atleti as Barça strike pivotal LaLiga title blow

    Pirate Yakuza In Hawaii’s Crew Member Types

    Pirate Yakuza In Hawaii’s Crew Member Types

    With the world heating up, why are more SUVs being sold?

    With the world heating up, why are more SUVs being sold?

    Chase, Higgins reach extensions with Bengals. Chase will be NFL’s highest-paid non-QB, AP source says

    Chase, Higgins reach extensions with Bengals. Chase will be NFL’s highest-paid non-QB, AP source says

    Bitget Features in UCLA Professor Alex Nascimento’s Book on Blockchain and STOs

    Bitget Features in UCLA Professor Alex Nascimento’s Book on Blockchain and STOs