
FBI warns Gmail and Outlook users on cyberattack threat

The FBI has issued a stark warning to Gmail and Microsoft Outlook users about the Medusa ransomware, a dangerous program that takes data hostage. The malicious software has already ensnared over 300 known victims across "critical infrastructure sectors", such as hospitals, schools, and major businesses, by deploying phishing scams to exploit vulnerable software.

In a recent joint statement, the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) revealed that Medusa deceives users with counterfeit emails or websites, coaxing them into surrendering access data. Once the hackers gain entry, they lock all crucial files and make duplicates.

They then extort victims for a ransom ranging from $100,000 to $15 million (£77,000 to £11.5m), coupled with the threat of disclosing potentially humiliating information to the public, reports the Mirror US.

Guard yourself against Medusa

Authorities recommend that Gmail users immediately enable two-factor authentication, which provides an additional security layer by sending a code via text before you can log into your mailbox. Both businesses and individuals are also urged to ensure their operating systems are up-to-date with the latest security patches.

Moreover, the FBI suggests considering the removal of sensitive photos from your Gmail account and creating physical copies of important documents that could be compromised.

Users are also urged to maintain an active spam filter at all times to prevent phishing emails from reaching their inbox. They should also delete any suspicious emails containing redirect links, as clicking on these could give hackers access to their computer.

In addition, the FBI and CISA have issued a three-point plan for organisations to protect themselves from being targeted by Medusa:

  • Mitigate known vulnerabilities by ensuring operating systems, software, and firmware are patched and up to date within a risk-informed span of time.
  • Segment networks to restrict lateral movement from initial infected devices and other devices in the same organisation.
  • Filter network traffic by preventing unknown or untrusted origins from accessing remote services on internal systems.
