The Medusa ransomware has emerged as a significant threat since its first appearance in January 2023, with around 400 victims recorded. A report by Symantec demonstrates a 42% increase in attacks between 2023 and 2024, with over 40 attacks in the initial months of 2025 alone. Medusa employs double extortion tactics, stealing data before encrypting networks to compel payment. It has made substantial demands ranging from $100,000 to $15 million, affecting various sectors, particularly healthcare and government, and exploits known security flaws to gain initial access.
The threat actors behind Medusa ransomware have claimed nearly 400 victims, with a 42% increase in attacks from 2023 to 2024, marking a worrying trend.
Victims of the Medusa ransomware are pressured through double extortion tactics, where attackers steal data before encrypting networks, threatening to leak sensitive information.
The emergence of Medusa amid disruption caused by LockBit and BlackCat indicates a shift in the ransomware landscape, with new players quickly filling voids left by previous extortionists.
Ransom demands by Medusa can range dramatically from $100,000 to $15 million, targeting sensitive sectors like healthcare, finance, and government with significant operational impact.
Collection
[
|
...
]