
FBI releases joint advisory alert against the MedusaLocker ransomware gang

On Thursday 30th of June 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE advisory revealing that the MedusaLocker ransomware gang has predominantly been relying on vulnerabilities in Remote Desktop Protocol (RDP) to access victims’ networks.

This flash alert was released in coordination with CISA, the Department of the Treasury, and FinCEN to provide key cyber threat information that helps security professionals and organisations detect and counter ransomware attack attempts from the MedusaLocker ransomware gang.

The alert also revealed that “MedusaLocker appears to operate as a Ransomware-as-a-Service (RaaS) model based on the observed split of ransom payments.” In a RaaS model, a ransomware developer typically works with various affiliates who deploy the ransomware on victim systems. In this case, the alert states, “MedusaLocker ransomware payments appear to be consistently split between the affiliate, who receives 55 to 60 percent of the ransom, and the developer, who receives the remainder.”
