{"id":6923,"date":"2022-06-30T16:18:42","date_gmt":"2022-06-30T07:18:42","guid":{"rendered":"https:\/\/cyberenso.jp\/?p=6923"},"modified":"2022-07-19T16:20:49","modified_gmt":"2022-07-19T07:20:49","slug":"fbi-releases-joint-advisory-alert-against-the-medusalocker-ransomware-gang","status":"publish","type":"post","link":"https:\/\/cyberenso.jp\/en\/fbi-releases-joint-advisory-alert-against-the-medusalocker-ransomware-gang\/","title":{"rendered":"FBI releases joint advisory alert against the MedusaLocker ransomware gang"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"6923\" class=\"elementor elementor-6923\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-199a17f elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"199a17f\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-46eb523\" data-id=\"46eb523\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-c91def2 elementor-widget elementor-widget-text-editor\" data-id=\"c91def2\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>On Thursday 30th of June 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE advisory that revealed that the MedusaLocker ransomware gang has predominantly been relying on vulnerabilities in Remote Desktop Protocol (RDP) to access victims\u2019 networks.<\/p><p>This flash alert was released in coordination with CISA, the Department of the Treasury, and FinCEN to provide key cyber threat 
information to help security professionals and organisations to detect and counter ransomware attack attempts from the MedusaLocker ransomware gang.<\/p><p>The alert also revealed that \u201cMedusaLocker appears to operate as a Ransomware-as-a-Service (RaaS) model based on the observed split of ransom payments.\u201d RaaS models commonly involve the ransomware developer and various affiliates that deploy the ransomware on victim systems. According to the alert, \u201cMedusaLocker ransomware payments appear to be consistently split between the affiliate, who receives 55 to 60 percent of the ransom, and the developer, who receives the remainder.\u201d<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>On Thursday 30th of June 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE advisory that revealed that the MedusaLocker ransomware gang has predominantly been relying on vulnerabilities in Remote Desktop Protocol (RDP) to access victims\u2019 networks. 
This flash alert was released in coordination with CISA, the Department of the Treasury, and FinCEN to provide<span class=\"excerpt-hellip\"> [\u2026]<\/span><\/p>\n","protected":false},"author":1,"featured_media":6928,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,12,9,2,1],"tags":[],"class_list":["post-6923","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-latest_news","category-read_article","category-ransomware_criminals","category-ce_news","category-uncategorized"],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/cyberenso.jp\/wp-content\/uploads\/2022\/07\/Picture1-5.jpg?fit=1379%2C919&ssl=1","_links":{"self":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/6923"}],"collection":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/comments?post=6923"}],"version-history":[{"count":6,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/6923\/revisions"}],"predecessor-version":[{"id":6931,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/6923\/revisions\/6931"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media\/6928"}],"wp:attachment":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media?parent=6923"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/categories?post=6923"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/tags?post=6923"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}