Particle.news

FBI and CISA Warn of Medusa Ransomware Targeting Over 300 Victims

The sophisticated ransomware campaign uses phishing and unpatched vulnerabilities to execute double and triple extortion schemes across critical industries.

  • Medusa ransomware, operated by the Spearwing group, has targeted over 300 victims in sectors like healthcare, education, and manufacturing since 2021.
  • The ransomware employs phishing emails and exploits unpatched software vulnerabilities to gain access to systems.
  • Medusa uses a double extortion model, encrypting data and threatening to release it publicly, with a data-leak site featuring countdowns to data exposure.
  • Federal agencies report instances of triple extortion schemes, where victims are asked for additional payments after the initial ransom is paid.
  • The FBI and CISA recommend measures such as multifactor authentication, network segmentation, and regular software updates to mitigate the risk of attacks.