EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • The CISA Publishes a Report on the Medusa Ransomware Gang
    • Home
    • Cybercrime
    • The CISA Publishes a Report on the Medusa Ransomware Gang

    The CISA Publishes a Report on the Medusa Ransomware Gang

    Written by
    The Editorial Team
    03.13.25
    Cybercrime
    01
    MIN
    The CISA Publishes a Report on the Medusa Ransomware Gang
    The CISA Publishes a Report on the Medusa Ransomware Gang
    The CISA Publishes a Report on the Medusa Ransomware Gang
    Image Online Child Exploitation: Four Men Arrested in Canada
    Cybercrime
    03.11.25 Cybercrime
    Next article
    Online Child Exploitation: Four Men Arrested in Canada
    Read
    01
    MIN
    Image DDoS Attacks by Pro-Russian Group NoName067(16) Against French Local Authorities
    Cybercrime
    03.11.25 Cybercrime
    Next article
    DDoS Attacks by Pro-Russian Group NoName067(16) Against French Local Authorities
    Read
    01
    MIN
    Image Arrest of a Cybercriminal Responsible for 90 Data Breaches in Asia-Pacific
    Cybercrime
    03.04.25 Cybercrime
    Next article
    Arrest of a Cybercriminal Responsible for 90 Data Breaches in Asia-Pacific
    Read
    01
    MIN
    Image Chinese Cybercriminals Stole Sensitive Data from Belgian Intelligence
    Cybercrime
    03.03.25 Cybercrime
    Next article
    Chinese Cybercriminals Stole Sensitive Data from Belgian Intelligence
    Read
    01
    MIN
    Active since 2021, the cybercriminal group has targeted over 300 critical entities worldwide, including municipalities in France.

    The CISA, the U.S. equivalent of France’s Anssi, and the FBI published a report on March 12, 2025, about the Medusa ransomware gang. Emerging in 2021, the cybercriminal group has attacked at least 300 critical entities worldwide, including numerous public organizations.

    Medusa notably hacked educational institutions in Minneapolis in 2023, exposing sensitive information on more than 100,000 students. The gang has also targeted municipalities in France, public organizations in Illinois and Texas, government agencies in the Philippines, state IT systems in Tonga, and a technology company in Canada.

    Initially operating as a closed group, Medusa later transitioned to a Ransomware-as-a-Service (RaaS) model, involving affiliates. According to the report, the gang’s attacks are “relatively basic” and rely on phishing, exploiting unpatched vulnerabilities, or using initial access brokers.

    Medusa typically contacts its victims immediately after an attack, giving them 48 hours to pay a ransom. After this period, gang negotiators often reach out to the targeted entity’s executives to persuade them to comply with the ransom demand.

    The Editorial Team
    03.13.25
    Articles by the same author:
    1
    03.11.25 Cybercrime
    Pro-Palestinian Group Dark Storm Claims Cyberattack That Disrupted X
    Read
    01
    MIN
    2
    03.11.25 Cyber +
    Cybersecurity Fundraising Soars in the U.S. but Declines in Europe
    Read
    01
    MIN
    3
    03.11.25 Fraud
    Gemini enabled the production of terrorist and pedocriminal deepfakes
    Read
    01
    MIN
    4
    03.11.25 Cybercrime
    The United States Files Charges Against Ten Chinese Cybercriminals
    Read
    01
    MIN
    Image Online Child Exploitation: Four Men Arrested in Canada
    Cybercrime
    03.11.25 Cybercrime
    Next article
    Online Child Exploitation: Four Men Arrested in Canada
    Read
    01
    MIN
    Image DDoS Attacks by Pro-Russian Group NoName067(16) Against French Local Authorities
    Cybercrime
    03.11.25 Cybercrime
    Next article
    DDoS Attacks by Pro-Russian Group NoName067(16) Against French Local Authorities
    Read
    01
    MIN
    Image Arrest of a Cybercriminal Responsible for 90 Data Breaches in Asia-Pacific
    Cybercrime
    03.04.25 Cybercrime
    Next article
    Arrest of a Cybercriminal Responsible for 90 Data Breaches in Asia-Pacific
    Read
    01
    MIN
    Image Chinese Cybercriminals Stole Sensitive Data from Belgian Intelligence
    Cybercrime
    03.03.25 Cybercrime
    Next article
    Chinese Cybercriminals Stole Sensitive Data from Belgian Intelligence
    Read
    01
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.