Medusa Ransomware Activity Continues to Increase
March 6, 2025, 10:51 p.m.
Description
Medusa ransomware attacks jumped by 42% between 2023 and 2024. This increase in activity continues to escalate, with almost twice as many Medusa attacks observed in January and February 2025 as in the first two months of 2024.
Tags
Date
- Created: March 6, 2025, 10:32 p.m.
- Published: March 6, 2025, 10:32 p.m.
- Modified: March 6, 2025, 10:51 p.m.
Indicators
- f5acae25462bee1c2120fa53c33126792d0747cb93105b475f1dc15ae95d86f8
- f365ca957e733714691f4ac19f136b33442269816e71cab84c3ce0b319084cc2
- e7cad51c71403c229364147d66ef1858065b10645d1d09774cd9a91dd8e54717
- e61b3377065034c79f2ac9c5593f117182a5a7a0d572f8ea8b7e6b10e10bb431
- e0b562b70b9fed98a05680a613f786bd482f71456976c7290ca2059004cb64a5
- dfdb6d5ef505a0d4cabbcd97e142106ecab9604d0086d77c9431e2fb09088eb6
- df6cb5199c272c491b3a7ac44df6c4c279d23f7c09daed758c831b26732a4851
- dd0e796f52fc1fcad488df122db8f5fcc9423ffdd3b5edbcc66d6055ab8a2247
- dbe480495be5abc23437b5e916fa0368c617e4dbd58d9ed7ea303b102a6dc3b1
- d5a1f90dc5c9717b3f900c91a6cdccc20e56e6f1d20f24170189260e8dde7608
- d1e1eb0e0aaedb01df8cc2b98b0119c4aef8c1c2a3930ea0c455f0491e3161eb
- c9e05b08731892295a0842f7d17be0747c16226fcb75fa4a23b43b61a833c8cf
- c6ac5a83942a8aa3954650dfaa343a4bc4d3cff81c771ec0bb60bf1d2208c4e1
- c28fa95a5d151d9e1d7642915ec5a727a2438477cae0f26f0557b468800111f9
- c005dda544098874b1f923c835c9183d1ad4f601b2e9a29b1afa02ae3061e5d4
- bf3b4762b518c4682cb06fe5848e7cf3cc515fca1c367f82c8d69a847ac1a0a1
- b7703a59c39a0d2f7ef6422945aaeaaf061431af0533557246397551b8eed505
- b1553dfee1da93fd2dedb0755230ce4e21d4cb78cfc369de29d29d04db1fe013
- ae8553ec071675f372e0666fb73655e15119ebe705a518293373acc4589fa2da
- ae312393ef8e7c4a813a0ed8d4dd9e6a85b00303eb070eb15133797f41e99d90
- ad3ec38f79b4964fc9ba0d8f2d9d28c7cd3bd20dee0e3acf427eebb5dc819275
- 9d5616672189557f171cae0f122853f3498bc9160ee92f3844404d46ec45210a
- 8dff18f10c857dd3eeb5511f5724da0ab1d9e411044aea27f6de23ee33f798c8
- 9632d7e4a87ec12fdd05ed3532f7564526016b78972b2cd49a610354d672523c
- 7f2f3e90863de8f753169fdc107df72c0ba95826de848a2d5f753f9f58a35fb4
- 7c340e4d69ac5221bbebcad320814929c1bc376c4d9a64e5daf70c191137fd4a
- 7880968b0020947d5d13fac826e49c70b5a9421e3d6546a34663803a411b97ff
- 77a96b9bcc2bdcbc5c5cd39d606b8b14112e04390c04e4c9a7570a8bbca32ed2
- 622b9c7a39c3f0bf4712506dc53330cdde37e842b97f1d12c97101cfe54bebd4
- 6106d1ce671b92d522144fcd3bc01276a975fe5d5b0fde09ca1cca16d09b7143
- 5f9d864d11c79b34c4502edba7d0e007197d0df086a6fb9d6bfda84a1771ff0f
- 583940ab94608408294e344af4503c8caed96966a08165c58cdc4faa03ab52a9
- 55e4ce3fe726043070ecd7de5a74b2459ea8bed19ef2a36ce7884b2ab0863047
- 53e5c44c1f47895004d61d18cbc74e83d7118dfcb2eb073c1e9c6a37abf38bd9
- 3be651fe6619e62e483ff8d46e49c3578e7ce9d60b6d2b31d8d3e32beeeaabec
- 3770c122f3f289cea730a5d1d16978e7f354686d3d2d4f667cfd9e37d5e9d368
- 3a7f64223a51e35a8253804c42d0ba92b663e06da8c21d398a65074b8e50beec
- 16f83f056177c4ec24c7e99d01ca9d9d6713bd0497eeedb777a3ffefa99c97f0
- 276024580b5bc903656a1c12a7ec02daccb10e6e6bdf6872765c9a67f1cd6da5
- 1b7add5adbb9ba5b85437c11825e47663bd59729442f6f44fb2576b25945f0eb
- 16c7497fc7b31936c1ecb845d2e61ef30935c1bba3074ac66a7329d7d134cbb1
- 08f05c597ac7c8e35515a63a9e139ef75b44d92093ed8c5b1b3c064f9c7f6cb8
- 0b3b9076591240a9639929a1a5a78922b5db0af3dba2e782d595ecc139ffb7e1
- 038fb5e0ba6c35e3ee2f56b5bd926109e8b321bd0c9e3b759489312518efea65
- 01b91c60866b22b22d82284cbaac35565818eba353ac834018971d180a790a77
Attack Patterns
- MedusaLocker
- Medusa
- T1490
- T1007
- T1070
- T1036
- T1027
- T1562
- T1068
Additional Informations
- Healthcare
- Financial
- Government