Medusa is a ransomware-as-a-service provider first identified in June 2021, according to the advisory. As of February, Medusa has impacted over 300 victims from multiple critical infrastructure ...

Archaeologists have discovered a mask mold believed to depict Medusa at Valley of the Temples Archaeological Park in in Sicily, Italy. The park is open to visitors on weekdays.

Dubbed “Medusa,” the “ransomware-as-a-service” has affected more than 300 known people “from a variety of critical infrastructure sectors” since it was first discovered in 2021, ...

Medusa started as a closed ransomware variant, meaning that the same cybercriminals who develop the malware also carry out the attacks. But over time, it has transitioned to an affiliate model, ...

Since its founding in 2021, Medusa, according to a joint cybersecurity advisory published last month by CISA and the FBI, has infiltrated over 300 organizations, targeting a “variety of critical ...

A new version of the Medusa DDoS (distributed denial of service) botnet, based on Mirai code, has appeared in the wild, featuring a ransomware module and a Telnet brute-forcer.

Federal officials urge organizations to shore up cybersecurity as people continue falling victim to Medusa ransomware, which has racked up hundreds of victims across several industries since the ...

How can I protect myself and my company from Medusa? The advisory posted on the CISA’s website states that Medusa is primarily spread through phishing campaigns to steal victims’ credentials.

In mid-March 2025, the FBI, CISA, and MS-ISAC said Medusa targeted more than 300 victims from a “variety of critical infrastructure sectors”, by February 2025.

Medusa "actors" (developers and affiliates) collect sensitive personal information (i.e., bank account details, health records, social security numbers) and threaten to release it.