In order to draw attention to current MedusaLocker ransomware activity, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Treasury, and the Financial Crime Enforcement Network (FinCEN) have issued a combined advisory.
As of May 2022, the ransomware’s developers largely rely on Remote Desktop Protocol (RDP) flaws to get access to victims’ networks. The ransomware encrypts the victims’ data upon execution and then drops a ransom letter with instructions for decrypting files. In order to pay the ransomware, the note advises victims to a specific Bitcoin wallet address.
According to the advice, the affiliate will receive between 55 and 60 percent of any ransom money obtained as a result of their acts, with the remaining money going to the operators.
Read More: https://cyware.com/news/cisa-warns-about-medusalocker-ransomwares-latest-activity-3fb2d623
