The FBI has issued a warning about ransomware threats targeting the United States Postal Service and Gmail and Outlook users. According to the agency, the Medusa ransomware gang—an organization that has been active since 2022—is behind the attacks. In its advisory statement, the FBI explained that Medusa operates using a double extortion model, encrypting victims’ data and then threatening to publicly release their personal information if a ransom is not paid.
Who is the Medusa ransomware group?
According to CCN, Medusa emerged in 2022 and has gained notoriety in the years since. The group primarily targets Windows systems by exploiting compromised accounts. Medusa has attacked several high-profile organizations, including the Minneapolis Public School District, which has an enrollment of 30,000 people. After the hackers accessed sensitive documents, including allegations of teacher abuse and psychological reports, the district refused to pay the ransom, CCN reported.
Who is affected by the attacks from the Medusa ransomware gang?
More than 300 individuals and organizations in the medical, education, legal, insurance, technology, and manufacturing industries have been affected by the attacks since February, per Al.com. The hackers use phishing emails to trick recipients into clicking malicious links, through which their personal information is stolen and held until a ransom is paid.
What does the FBI advise to protect people from hackers online?
According to Forbes, the FBI advises individuals to enable two-factor authentication, particularly for email services such as Gmail and Outlook. The agency also recommends using a VPN when accessing sensitive data. Additionally, the FBI suggests using long passwords and warns against frequent password changes, as this can weaken security. Users are also advised to regularly update their firmware and remain vigilant for suspicious activity.
How much ransom do the Medusa hackers demand?
The Medusa hackers have demanded up to $15 million from some organizations, The Hacker News reported.
“If victims refuse to pay, the group threatens to publish the stolen data on their data leaks site,” the Symantec Threat Hunter Team told The Hacker News.