Medusa Ransomware: A Growing Threat with a Bold Online Presence

SUMMARY :

Medusa is a prominent ransomware group that emerged in 2023, targeting sectors such as healthcare, manufacturing, and education across multiple countries. Unlike typical ransomware operators, Medusa maintains a presence on both the dark web and surface web, including social media platforms. The group operates a ransomware-as-a-service model and has attacked 145 victims in 2023, with projections of over 200 victims by the end of 2024. Medusa's tactics include exploiting vulnerabilities, using compromised remote management tools, and employing sophisticated defense evasion techniques. The group's unusual online presence, including connections to 'OSINT Without Borders', has drawn attention from cybersecurity analysts. Despite their bold approach, Medusa has experienced operational setbacks, highlighting potential vulnerabilities in their strategy.

OPENCTI LABELS :

ransomware,cve-2023-48788,medusa ransomware


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Medusa Ransomware: A Growing Threat with a Bold Online Presence