The FBI Warns Against a Dangerous Ransomware Scheme
LOS ANGELES (AP) — The FBI and the U.S. Cybersecurity and Infrastructure Security Agency are warning against a dangerous ransomware scheme that has affected hundreds of people since 2021.
Ransomware-as-a-Service Software Medusa Under Scrutiny
In an advisory posted earlier this week, government officials warned about the ransomware-as-a-service software called Medusa, which uses phishing campaigns as its main method for stealing victims' credentials. CISA reports that Medusa has been used to launch ransomware attacks since 2021.
Protecting Against Ransomware Attacks: What You Need to Know
To protect against the ransomware, officials recommended patching operating systems, software and firmware, in addition to using multifactor authentication for all services such as email and VPNs. Experts also recommended using long passwords, and warned against frequently recurring password changes because they can weaken security.
The Double Extortion Model Used by Medusa Developers
Medusa developers and affiliates — called “Medusa actors” — use a double extortion model, where they “encrypt victim data and threaten to publicly release exfiltrated data if a ransom is not paid,” the advisory said. Medusa operates a data-leak site that shows victims alongside countdowns to the release of information.
Ransom Demands and Counting Down to Data Release
“Ransom demands are posted on the site, with direct hyperlinks to Medusa affiliated cryptocurrency wallets,” the advisory said. “At this stage, Medusa concurrently advertises sale of the data to interested parties before the countdown timer ends. Victims can additionally pay $10,000 USD in cryptocurrency to add a day to the countdown timer.”
A Widespread Threat: Industries and Sectors Affected by Medusa
Since February, Medusa developers and affiliates have hit more than 300 victims across industries, including the medical, education, legal, insurance, technology, and manufacturing sectors. CISA reports that this number is likely to be higher due to the nature of these attacks.
The Importance of Staying Safe in a Digital Age
As the world becomes increasingly digital, it's more important than ever to stay safe online. By taking simple precautions such as patching software and using multifactor authentication, individuals and businesses can protect themselves against ransomware attacks like Medusa.
The FBI's Warning: Take Action Now
The FBI and CISA are urging everyone to take action now to protect themselves against the dangers of Medusa. By being vigilant and taking steps to secure their data, individuals can avoid becoming victims of these devastating attacks.
- Patch operating systems, software, and firmware regularly
- Use multifactor authentication for all services like email and VPNs
- Use long passwords and avoid frequently recurring password changes
- Be cautious of phishing campaigns and suspicious emails
The FBI and CISA are committed to helping individuals and businesses protect themselves against the threats of ransomware attacks like Medusa. By working together, we can create a safer online environment for everyone.