Alarming increase in MedusaLocker Ransomware Victims

MedusaLocker ransomware has been active since September 2019. MedusaLocker actors typically gain access to victims' networks by exploiting vulnerabilities in Remote Desktop Protocol (RDP). Once Threat Actors (TAs) gain access to the network, they encrypt the victim's data and, while encrypting files, leave a ransom note in every folder with instructions on how victims can communicate with the TAs. The ransom note tells victims to make a ransom payment to the TAs' crypto wallet address.

MedusaLocker appears to work on a Ransomware-as-a-Service (RaaS) model, which allows cybercriminals to rent the ransomware and its services from the developer. In the RaaS model, ransomware operators develop the ransomware and a Command and Control panel, which is then used by the affiliates to launch ransomware attacks on the targets selected by those affiliates. After a successful operation, the ransomware operators and affiliates divide the ransom extorted from victims.

Figure 1 illustrates the countries that have been targeted by the ransomware group since January 2023, with a total of 24 victims worldwide. However, victims of MedusaLocker ransomware are scattered across all continents, excluding Antarctica. The United States of America is the biggest target for all ransomware groups, and MedusaLocker follows this trend: the largest number of its victims are from the United States of America.

Figure 1 – Map Showing Targets of MedusaLocker

The figure below shows the industries targeted by the MedusaLocker ransomware. The MedusaLocker ransomware gang is known to target Hospital and Healthcare industries, but the gang also targets industries such as Education and Government organizations.

Figure 2 – Industries Targeted by MedusaLocker