LOS ANGELES (AP) — The FBI and the U.S. Cybersecurity and Infrastructure Security Agency are warning against a dangerous ransomware scheme.
In an advisory posted earlier this week, government officials warned that a ransomware-as-a-service software called Medusa, which has launched ransomware attacks since 2021, has recently affected hundreds of people. Medusa uses phishing campaigns as its main method for stealing victims’ credentials, according to CISA.
To protect against the ransomware, officials recommended patching operating systems, software and firmware, in addition to using multifactor authentication for all services such as email and VPNs. Experts also recommended using long passwords, and warned against frequently recurring password changes because they can weaken security.
Medusa developers and affiliates — known as “Medusa actors” — use a double extortion model, where they “encrypt victim data and threaten to publicly release exfiltrated data if a ransom isn’t paid,” the advisory said. Medusa operates a data-leak site that shows victims alongside countdowns to the release of information.
“Ransom demands are posted on the site, with direct hyperlinks to Medusa affiliated cryptocurrency wallets,” the advisory said. “At this stage, Medusa concurrently advertises sale of the data to interested parties before the countdown timer ends. Victims can additionally pay $10,000 USD in cryptocurrency to add a day to the countdown timer.”
Since February, Medusa developers and affiliates have hit more than 300 victims across industries, including the medical, education, legal, insurance, technology and manufacturing sectors, CISA said.