Bleeping Computer has written an article discussing the latest strain of the Medusa malware, which has existed in one form or another since 2015. While Medusa is primarily a DDoS botnet, researchers at Cyble have discovered a new variant in the wild that is based on the Mirai botnet source code leaked in 2016, giving Medusa extensive new capabilities. The main concern, however, is the addition of a ransomware module that gives Medusa more flexibility in how it can be used once it infects a machine. According to reports, this module currently appears to be broken: it deletes files soon after encrypting them and before displaying the ransom note (think NotPetya), essentially behaving like a wiper. Researchers state that Medusa has no file-stealing capabilities at this time. Read more at Bleeping Computer.