Users should be aware: This ransomware poses a threat to valuable data.
The FBI has issued a warning about malicious malware that demands ransom from victims to release data.
Since its first discovery in 2021, the Ransomware-a-Service, known as “Medusa,” has influenced over 300 known people “from a variety of critical infrastructure sectors.” Recent advice Written by the Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, and the Multi-State Information Sharing and Analytics Center.
Cybercriminals – Some of them are paid by the Medusa developers to infiltrate the target accounts from $100 to $1 million, but according to the advisory, people's data can first be accessed through phishing or “exploitation, or unearned software vulnerabilities.”
The malicious actor then asks for a ransom so that the victim will obtain the data and not be released, and asks the victim to “reach within 48 hours.”
“If the victim does not respond to the ransom note, the Medusa actor will reach out to them directly via phone or email,” the advisory said.
According to the agency, the FBI investigation found that the victim forced a triple in one case, and was contacted by another Medusa-related cybercriminal who allegedly stole the ransom amount and demanded another payment.
To protect themselves, people can follow the tips and tricks of agents to secure their accounts and personal information to prevent data theft.
For example, all accounts recommend using multifactor authentication (ideally updating your system and software using an authentication app rather than text message), as well as requiring regular password logins.
Agents also advise you to back up and encrypt your data and information to other locations, such as clouds or hard drives. Additionally, be careful when clicking a link to open or download attachments, especially if you receive them via email or text. Email addresses can be easily spoofed and can seem convincingly legal.
If you accidentally open a link or download a file that has been proven malicious, do not sweep under a lag, experts warn.
“It's often the first reaction and not ideal,” said Ryan Cullenber, chief strategy officer for cybersecurity company ProofPoint. Washington Postencouraging IT teams to stop attacks, even in a short period before Cybercriminals act.
“When you fall on something, the attacker still has a window of time where he has to figure out what they have now and whether it is worth exploiting.”
