Federal cybersecurity agencies have sounded the alarm over the Medusa ransomware group, which has expanded its operations since its inception in June 2021. Utilizing a ransomware-as-a-service (RaaS) model, Medusa allows affiliates to conduct attacks in exchange for potential payouts, increasing the group's reach. These attackers commonly infiltrate systems through phishing emails or exploiting vulnerabilities, leading to data being held hostage. Their public data leak site adds pressure on victims with countdowns, indicating a grim prospect for those who fail to respond promptly to ransom demands.
Medusa is exploiting outdated software and phishing techniques to hold data hostage and escalate its extortion efforts against victims by displaying countdown timers.
Ransomware as a Service (RaaS) allows the Medusa group to recruit affiliates and significantly expand their attack surface through financial incentives.
Collection
[
|
...
]