The Medusa ransomware group is getting serious
Date:
Mon, 13 Mar 2023 15:30:05 +0000
Description:
Medusa puts itself on the map with a new attack, asking for $1 million in ransom.
FULL STORY ======================================================================
A ransomware operator that's been keeping a low profile for the past couple of years has struck gold after a string of successful and high-profile ransomware attacks on corporate victims.
Per BleepingComputer, the threat group known as Medusa dates back to June 2021, but it has only just entered the spotlight after its recent attack on the Minneapolis Public Schools (MPS) district.
Various sources claim the group has demanded $1 million in exchange for the decryption key, with negotiations still ongoing. Now, MPS has until March 17 to pay up, or face having its sensitive data leaked to the public via a dedicated blog.
Identity crisis
If the group plans on being more active, though, it might want to consider rebranding. There are multiple other threat actors going by the name Medusa, which resulted in confusing media reports, BleepingComputer states.
Such examples include an entirely different ransomware group called MedusaLocker, a piece of Android malware called Medusa, and a Medusa botnet based on the infamous Mirai.
The MedusaLocker ransomware group is thought to be two years older than Medusa, as the first reports of its activity started appearing in 2019. It is a Ransomware-as-a-Service group, with multiple affiliates using the service to target corporate victims.
The two groups also differ in the ransom notes they leave. While MedusaLocker leaves a .HTML file named How_to_back_files, Medusa leaves a .TXT file titled !!!READ_ME_MEDUSA!!!.
What's more, Medusa encrypts files with the .MEDUSA file extension, while MedusaLocker uses a wide variety of extensions.
Via: BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/news/the-medusa-ransomware-group-is-getting-serious
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)