In the case of Medusa ransomware, victims must pay to decrypt files and prevent further release by Medusa suspects. RELATED: ‘Smishing’ scam texts are still a threat: What to know CISA warning ...

The Medusa variant has carried out hundreds of attacks across industries, the FBI warns, along with CISA and MS-ISAC Bailey Richards Sat, March 15, 2025 at 5:10 PM UTC ...

CISA said Medusa developers and their affiliates use a double-extortion model. They steal and encrypt your data and then threaten to release it on the dark web if you don’t pay their demands.

Medusa, active since 2021, follows a double extortion model - encrypting victims’ data and threatening to ... (CISA) have reported a surge in Medusa ransomware attacks, ...

Medusa uses phishing campaigns as its main method for stealing victims' credentials, according to CISA. To protect against the ransomware, ...

The ransomware variant is called "Medusa," it was first identified in June 2021, the Cybersecurity and Infrastructure Security Agency (CISA) and FBI announced on March 12.

According to a cybersecurity advisory, Medusa relies on a “double extortion model” that encrypts a victim’s data then threatens to release it publicly.

The FBI, CISA, and MS-ISAC recommended some actions organizations should take immediately to protect against Medusa ransomware threats: Require VPNs or Jump Hosts for remote access. Monitor for ...

Medusa is a ransomware-as-a-service variant used to conduct attacks, CISA said. “Ransomware is always of concern,” said Anton Dahbura, the executive director of the Johns Hopkins University ...

The Medusa variant has carried out hundreds of attacks across industries, the FBI warns, along with CISA and MS-ISAC A program has taken hundreds of victims' data hostage for ransom — and others ...

Medusa also operates a data leak site, which shows victims alongside countdowns to the release of information, according to the advisory. "Ransom demands are posted on the site, with direct ...