Malware, in general, is dangerous. It can steal both personal and financial information. However, one of the more insidious forms of malware is ransomware. This is where attackers hold a system hostage by encrypting its contents until a ransom is paid, hence the name. Now, CISA and the FBI are warning Outlook and Gmail users to be on the lookout for the Medusa ransomware, which is rearing its ugly head once more.
Medusa ransomware’s MO
For those unfamiliar, the Medusa ransomware has been around since 2021, targeting Gmail and Outlook users alike. It is a particularly greedy and insidious malware. At its core, it functions like other ransomware: users have to pay the attackers if they want to regain access to their data and systems.
However, Medusa takes it one step further. In addition to demanding a main ransom, Medusa runs a data leak site with a countdown timer. The attackers warn that if the ransom isn’t paid, they will leak the information online. Victims have the option of paying $10,000 in cryptocurrency to extend the countdown timer by one day.
This means that the longer the victims take to decide or come up with the money, the more Medusa’s attackers can fleece them. So far, according to the reports, around 300 victims have fallen prey. They span various industries, including healthcare, education, law, insurance, tech, and manufacturing.
Protecting yourself
So, how do you protect yourself against ransomware like Medusa? The answer is simple: do not click on or open emails or messages from people you don’t know. Malware typically infects systems through phishing attacks, in which attackers send victims an email or message with a link.
This link directs users to a site designed to mimic a legitimate website, such as a government portal or a bank’s website. Once there, attackers may prompt users to download files, open documents, or enter personal information.
To prevent malware from exploiting known security flaws, users should keep their systems updated. They should also enable 2FA and create strong passwords whenever possible.
Ransomware is dangerous, especially when it targets industries like medical or healthcare. Locking doctors out of important patient information could result in deaths if patients are given medication they’re allergic to. We’ve seen various instances of hospitals being forced to suspend operations due to malware infections.