Cybersecurity officials warn against potentially costly Medusa ransomware attacks
The FBI and the U.S. Cybersecurity and Infrastructure Security Agency are warning against a dangerous ransomware scheme.
In an advisory posted earlier this week, government officials warned that a ransomware-as-a-service software called Medusa, which has launched ransomware attacks since 2021, has recently affected hundreds of people. Medusa uses phishing campaigns as its main method for stealing victims' credentials, according to CISA.
To protect against the ransomware, officials recommended patching operating systems, software and firmware, in addition to using multifactor authentication for all services such as email and VPNs. Experts also recommended using long passwords, and warned against frequently recurring password changes because they can weaken security.
Medusa developers and affiliates — called 'Medusa actors' — use a double extortion model, where they 'encrypt victim data and threaten to publicly release exfiltrated data if a ransom is not paid,' the advisory said. Medusa operates a data-leak site that shows victims alongside countdowns to the release of information.
'Ransom demands are posted on the site, with direct hyperlinks to Medusa affiliated cryptocurrency wallets,' the advisory said. 'At this stage, Medusa concurrently advertises sale of the data to interested parties before the countdown timer ends. Victims can additionally pay $10,000 USD in cryptocurrency to add a day to the countdown timer.'
Since February, Medusa developers and affiliates have hit more than 300 victims across industries, including the medical, education, legal, insurance, technology and manufacturing sectors, CISA said.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Daily Mail
3 hours ago
- Daily Mail
Spirit Airlines passenger calls in fake bomb threat
A bone-headed passenger booked on a Spirit Airlines flight out of Detroit called in a fake bomb threat after learning he would miss his trip - sparking hysteria at the airport and forcing the flight to be canceled. John Charles Robinson, of Monroe, Michigan, is accused of calling Detroit Metropolitan Airport on Thursday morning and reporting that a person planned to blow up the Los Angeles-bound plane. The 23-year-old had a ticket for Spirit Airlines Flight 2145 but missed the boarding window, according to the US Attorney's Office. After learning at the gate that he had to reschedule his trip, Robinson called the airport at around 6:25am and told the alarming lie, authorities said. 'I was calling about 2145… because I have information about that flight,' he told an employee, according to an affidavit. 'Please don't let that flight board,' he allegedly pleaded. The flight was immediately canceled, forcing passengers and crew off the aircraft. Bomb-sniffing dogs and FBI agents swarmed the plane but found nothing. FBI agents learned Robinson had missed the flight and arrested him when he returned to the airport for his rescheduled trip to LA. Officials said the suspect admitted to making the call, ABC News reported. Robinson allegedly confirmed the phone number used to make the call was his and gave written permission to agents to search the device. He was charged with using a cellphone to threaten/maliciously convey false information concerning an attempt or alleged attempt to damage/destroy an airplane by means of an explosive, as well false information and hoaxes. Robinson appeared in court on Friday and was released on $10,000 bond. He is scheduled to appear before a judge again on June 27. 'No American wants to hear the words "bomb" and "airplane" in the same sentence,' US Attorney Jerome F. Gorgon, Jr. said.
Daily Mail
4 hours ago
- Daily Mail
Spirit Airlines flight thrown into chaos by last-minute bomb threat that triggered mass panic
A bone-headed passenger booked on a Spirit Airlines flight out of Detroit called in a fake bomb threat after learning he would miss his trip - sparking hysteria at the airport and forcing the flight to be canceled. John Charles Robinson, of Monroe, Michigan, is accused of calling Detroit Metropolitan Airport on Friday morning and reporting that a person planned to blow up the Los Angeles-bound plane. The 23-year-old had a ticket for Spirit Airlines Flight 2145 but missed the boarding window, according to the US Attorney's Office. After learning at the gate that he had to reschedule his trip, Robinson called the airport at around 6:25am and told the alarming lie, authorities said. 'I was calling about 2145… because I have information about that flight,' he told an employee, according to an affidavit. 'There's gonna be someone who's gonna try to blow up the gonna be someone that's gonna try to blow up that flight, 2145.' Robinson then described a person carrying a bomb, claiming the individual planned to bring it into the airport undetected, authorities said. 'Please don't let that flight board,' he allegedly pleaded. The flight was immediately canceled, forcing passengers and crew off the aircraft. Bomb-sniffing dogs and FBI agents swarmed the plane but found nothing. FBI agents learned Robinson had missed the flight and arrested him when he returned to the airport for his rescheduled trip to LA. Officials said the suspect admitted to making the call, ABC News reported. Robinson allegedly confirmed the phone number used to make the call was his and gave written permission to agents to search the device. He was charged with using a cellphone to threaten/maliciously convey false information concerning an attempt or alleged attempt to damage/destroy an airplane by means of an explosive, as well false information and hoaxes. Robinson appeared in court on Friday and was released on $10,000 bond. He is scheduled to appear before a judge again on June 27. 'No American wants to hear the words "bomb" and "airplane" in the same sentence,' US Attorney Jerome F. Gorgon, Jr. said. 'Making this kind of threat undermines our collective sense of security and wastes valuable law enforcement resources.' Faux bomb threats are punishable by fines, prison time and felony charges. Culprits can face up to five years in custody, according to the Department of Justice.
Reuters
5 hours ago
- Reuters
US agencies tracked foreigners visiting Musk's properties in 2022 and 2023, WSJ reports
WASHINGTON, June 10 (Reuters) - U.S. government agencies tracked foreign nationals' visits to Elon Musk's proprieties amid concerns over possible attempts to influence the tech billionaire, The Wall Street Journal reported on Tuesday, citing people familiar with the matter. The investigation, which tracked the foreigners in 2022 and 2023, included the Department of Homeland Security and the Justice Department, according to the report. It focused on people visiting the Musk from countries in Eastern Europe and elsewhere, the Journal said. Musk, who runs five companies and has sensitive government contracts, has had unprecedented access to top government officials from countries around the world. The U.S. investigation focused on possible attempts to influence Musk, the Tesla chief executive, the newspaper said. No charges were filed and the status of the probe was not clear, according to the Journal. The world's richest person, Musk was tapped by President Donald Trump to lead what became a chaotic drive to slash the federal government. He was a top adviser to Trump until the two men had a public rupture last week. Officials at several agencies including the FBI have been briefed on the investigation, which predated the Trump administration, the newspaper reported. The Journal said Musk did not respond to requests for comment and the FBI declined to Comment. The Trump administration has expressed concern about possible foreign influence in the United States.
