LOS ANGELES (AP) — The FBI and the U.S. Cybersecurity and Infrastructure Safety Company are warning towards a harmful ransomware scheme.
In an advisory posted earlier this week, authorities officers warned {that a} ransomware-as-a-service software program referred to as Medusa, which has launched ransomware assaults since 2021, has not too long ago affected lots of of individuals. Medusa makes use of phishing campaigns as its major methodology for stealing victims’ credentials, in keeping with CISA.
To guard towards the ransomware, officers beneficial patching working methods, software program and firmware, along with utilizing multifactor authentication for all companies corresponding to electronic mail and VPNs. Specialists additionally beneficial utilizing lengthy passwords, and warned towards regularly recurring password adjustments as a result of they will weaken safety.
Medusa builders and associates — referred to as “Medusa actors” — use a double extortion mannequin, the place they “encrypt sufferer information and threaten to publicly launch exfiltrated information if a ransom just isn’t paid,” the advisory stated. Medusa operates a data-leak website that reveals victims alongside countdowns to the discharge of data.
“Ransom calls for are posted on the positioning, with direct hyperlinks to Medusa affiliated cryptocurrency wallets,” the advisory stated. “At this stage, Medusa concurrently advertises sale of the info to events earlier than the countdown timer ends. Victims can moreover pay $10,000 USD in cryptocurrency so as to add a day to the countdown timer.”
Since February, Medusa builders and associates have hit greater than 300 victims throughout industries, together with the medical, training, authorized, insurance coverage, know-how and manufacturing sectors, CISA stated.
Source link