New FBI warning details how a simple email could be used to target you for extortion

Washington – A new warning from federal officials urges users to be careful of a dangerous ransomware scheme that can attack their computer systems through a simple email.

The ransomware called Medusa has launched attacks on hundreds of people since 2021, using phishing campaigns as its main method to steal victims' credentials, the FBI and the U.S. Cybersecurity and Infrastructure Security Agency said in a recent joint warning.

The links included in the emails allow ransomware to access a computer system, taking it hostage.

Federal officials recommend patching operating systems, software and firmware, in addition to using multifactor authentication for all services, such as email and VPN.

Experts also recommended using long passwords and warned against frequently recurring password changes because they can weaken security.

The developers and affiliates of Medusa, called “Medusa actors”, use a double extortion model, the warning said. They encrypt a victim's data and threaten to publicly release it if a ransom is not paid.

Medusa operates a data leak site that lists victims alongside countdowns to the release of their information.

“The ransom demands are published on the site, with direct hyperlinks to cryptocurrency wallets affiliated with Medusa,” the agencies said. “At this stage, Medusa simultaneously announces the sale of the data to the interested parties before the countdown timer ends. Victims can also pay $10,000 USD in cryptocurrencies to add one day to the countdown timer.”

FBI investigators found that Medusa actors, on at least one occasion, had carried out what amounts to a “triple extortion scheme.”

After the victim paid a ransom, a Medusa actor contacted the victim, claiming that the ransom amount had been stolen and demanding that half of the payment be made again to obtain the “true decryptor.”

Since February, Medusa developers and affiliates have hit more than 300 victims across industries, including the medical, education, legal, insurance, technology and manufacturing sectors, federal officials said.

More #StopRansomware warnings are available at Stopransomware.gov, including information about other ransomware and resources at no cost.
