Medusa

Also known as: MedusaLocker

Overview

Ransomware group operating a leak site with countdown timers. Targets healthcare and education with increasing sophistication. Offers data deletion for additional payment.

MITRE ATT&CK Coverage

Recon
Res Dev
Init Access
Execution
Persistence
Priv Esc
Def Evasion
Cred Access
Discovery
Lat Move
Collection
C2
Exfil
Impact
3 of 14 tactics observed

Raw TTPs

RansomwareRDP ExploitationPhishingData Leak ExtortionCountdown Timers

Related Intelligence (1)

HIGHRansomwareExploited

Medusa Ransomware Campaign Targets 40+ US School Districts

Medusa ransomware group attacks over 40 US school districts via compromised RDP. Student and staff PII at risk. FBI issues sector-wide alert.

Windows Server
FBI / CISA Joint Advisory