Federal authorities are issuing urgent warnings regarding the Medusa ransomware campaign, which has reportedly affected over 300 victims since last month. Initially a closed variant, Medusa has shifted to a ransomware-as-a-service model, employing affiliates to execute attacks while developers manage ransom negotiations. The campaign primarily targets critical infrastructure sectors through phishing and exploiting unpatched vulnerabilities, leveraging tools to identify and exploit weaknesses. Authorities advise vigilance and enhanced security measures to mitigate risks posed by this evolving threat.
Federal authorities, including the FBI, CISA, and MS-ISAC, have issued a warning about the dangerous Medusa ransomware, which has targeted over 300 victims since September.
Medusa transitioned from a closed ransomware variant to a ransomware-as-a-service model, allowing affiliates to conduct attacks while developers focus on ransomware negotiations.
The primary methods for compromising organizations include phishing campaigns and exploiting unpatched software vulnerabilities, allowing attackers access to sensitive resources.
Affiliates are recruited through dark web forums and marketplaces, with offers ranging from $100 to $1 million for exclusive work in launching attacks.
Collection
[
|
...
]