FBI Warns Consumers and Businesses of Medusa Threat
In mid-March, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a warning about the activities of the Medusa cybercrime group, which specializes in cyberattacks that use data-encrypting malware (ransomware) to extort money. The victims of this group are agencies, organizations, businesses, hospitals and schools.
This group organizes sophisticated cyberattacks, exploiting vulnerabilities and penetrating networks or computers, then encrypting data and blackmailing victims into paying a ransom. The ransom can reach millions of dollars. The list of more than 400 victims of this group includes Toyota Financial Services, part of the Toyota Group, which was attacked with ransomware and received a ransom demand in November 2023.

The FBI warns consumers and businesses about the risks posed by Medusa. (Photo: BleepingComputer)
Security researchers at Kaspersky discovered the activities of the Medusa ransomware in 2023. According to Kaspersky's recommendations for businesses, the steps to check include:
Test and secure Remote Desktop services. Regularly test and patch Virtual Private Network (VPN) services that provide employees with access to the corporate network. Update software on devices to the latest versions.
In addition, businesses also need to back up important data and enhance security with solutions such as Kaspersky Endpoint Detection & Response to detect attacks early.
For individual users, the FBI recommends strengthening the protection of Gmail and Outlook accounts, as well as VPN services in use. Typically, this includes backing up data to multiple copies in separate and secure locations, keeping Windows operating systems and software up to date, and using security monitoring and tracking tools for devices and networks to detect intrusions.
Last month, CISA and the FBI also issued a joint announcement warning users and businesses about the Ghost ransomware attack spreading to more than 70 countries.
Nearly 1 million Windows computers were targeted
Microsoft has warned that millions of Windows computers are the target of a cyberattack that infects them with malware from pirated movie sites. According to Microsoft, when users access pirated movie websites, their computers can be redirected to download malware that cybercriminals host on GitHub, which they 'borrow' as a storage place.

Kaspersky Plus 2025's comprehensive management interface provides users with an overview and automatically handles security risks.
The attack is a fairly sophisticated four-stage attack, with pieces of malware downloaded from multiple websites including Discord and Dropbox. Critical data is sought, including data stored in the cloud on Microsoft OneDrive. The malware also probes whether the user’s computer contains financial information from cryptocurrency wallets such as Ledger Live, Trezor Suite, KeepKey, BCVault, OneKey, and BitBox.
According to Mr. Ngo Tran Vu, Director of NTS Security, most individual users and small businesses are still negligent in the face of digital threats. In particular, they often have the habit of accessing online movie viewing websites for entertainment right on Windows computers that contain a lot of important data. Business data, management account information... are only superficially or incompletely managed, so these users often suffer heavy damage and find it difficult to recover when incidents such as ransomware attacks occur.
“With increasingly diverse threats surrounding users, using a comprehensive protection solution is the right solution, helping users to be safer, even with risks that they do not know or remember,” Mr. Vu shared.
Source: https://vtcnews.vn/nguoi-dung-may-tinh-windows-can-lam-ngay-viec-nay-de-ung-pho-ma-doc-tong-tien-ar934074.html